June 28 (Reuters) – Mercenary hackers increasingly are
targeting law firms in a bid to steal data that could tip the
balance in legal cases, French and British authorities say,
echoing a Reuters investigation that uncovered the phenomenon
last year.
In a pair of reports published over the past week, the cyber
watchdog agencies of France and the United Kingdom cataloged an
array of digital challenges faced by law firms, including
threats posed by ransomware and malicious insiders. Both also
highlighted the dangers posed by mercenary hackers hired by
litigants to filch sensitive information from courtroom
opponents.
The London-based National Cyber Security Centre (NCSC) said
in its report published on June 22 that it was increasingly
seeing “hackers-for-hire” brought in “to gain the upper hand in
business dealings or legal disputes.”
France’s cyber watchdog, known as ANSSI, said in its report
released Tuesday that “mercenaries with offensive cyber
capacities” were increasingly targeting the legal sector. ANSSI
cited Reuters reporting last year on how mercenary hackers based
out of India were being drafted to help sway high-profile cases
in the United States, Europe and elsewhere.
That story – which was based on interviews with victims,
researchers, investigators, former U.S. government officials,
lawyers and hackers, plus a review of court records and
thousands of emails – revealed that hacking groups based in
India were responsible for a years-long hacking spree that
targeted some 1,000 attorneys at 108 different law firms
worldwide. Reuters showed how the hackers made a business out of
stealing documents for their clients and, in some cases, trying
to enter the ill-gotten material as evidence.
The investigation has since been corroborated by researchers
at Alphabet-owned Google and Facebook owner Meta
Platforms Inc.
Britain’s NCSC and France’s watchdog ANSSI didn’t
immediately respond to emails seeking comment.
(Reporting by Raphael Satter)
