Malware
Australian commercial law giant defies BlackCat ransomware attack, emerges victorious
Australian law firm, Law In Order, has successfully prevented a ransomware attack by Blackcat after detecting the malware early on. The ransomware was designed to extort sensitive data from the company’s systems in exchange for payment. However, Law In Order’s quick response and backup systems prevented any data loss, highlighting the importance of cybersecurity measures for businesses.
IT Services provider HWL Ebsworth has confirmed that their network was hacked by the ALPHV ransomware group, who have claimed to have stolen data from the firm. HWL Ebsworth is one of the largest law firms in Australia with an annual revenue of hundreds of millions of dollars. The firm employs over 2,000 people and operates nine offices across the country. The ALPHV ransomware group, also known as BlackCat, has published 1.45 terabytes of data allegedly stolen from HWL Ebsworth in April 2023, threatening to leak more if their demands are not met.
Despite the threat, a spokesperson for the firm has stated that they will not give in to the demands of the extortionist group, even if it means that they and their clients will suffer the consequences of a data leak. The spokesperson added that they take their ethical and moral responsibilities very seriously and will not condone criminal activity that involves extorting money by taking and threatening to publish other people’s data. The privacy and security of the client and employee data remains their utmost priority, and they are closely communicating with their clients.
Given that HWL Ebsworth had business with the public sector, there are concerns that the leaked documents may contain sensitive or confidential information relating to matters of the state. According to ABC, ANZ banking group, South Australian, Queensland, and ACT governments, Environment and Human Services Department, and the Australian Taxation Office (ATO) are some of the current or former clients of HWL Ebsworth, potentially impacted by this incident.
Unfortunately, the leaked documents on BlackCat’s site are easily accessible as the threat group’s indexed database allows visitors to filter search results by filename or file type. Bleeping Computer has contacted HWL Ebsworth to comment on the status of its operations and the progress of its internal investigation on the validity of the leaked data, but they have yet to respond.