US law firms accused of poor cyber security

WHENEVER there is a takeover of one company by another, lawyers are invariably involved in drawing up contracts, heads of agreement and due diligence documents.

American prosecutors have discovered that a trio of bright Chinese hackers made a fortune by taking advantage of the very poor cyber security in many law firms and having gained easy access to numerous sites, they simply discovered information concerning a number of takeovers.

Having found out which companies were in merger and acquisition talks, they were able to purchase stocks in advance of public announcements and it is alleged that they made in excess of $4 million (€3.8 million) in profits.

Of the three men involved who are all from Macau, one has been arrested by Hong Kong police and will be extradited to the USA to face charges of conspiracy, insider trading, wire fraud and computer intrusion, whilst the other two although identified have not been found and there appears to have been no direct request to the Macau authorities to assist.

This revelation of a new target for cyber intruders has come as something of a wake-up call for corporate America and US State Attorney Preet Bharara who is prosecuting the case has warned law firms that they will continue to be vulnerable not only from external hacking but from internal manipulation unless their security is considerably improved.

According to the New York Times the trio had successfully hit seven different lawyers’ firms during 2015 and had ‘attacked’ their sites and e-mail servers on more than 100,000 occasions with their profits coming from information concerning at least two major takeovers.

With accusations of the Russian government trying to influence the result of the latest Presidential Election through cyber manipulation and almost daily announcements of major banks and servers being hacked, it is possible that the activities that have been discovered are just the tip of an iceberg which could be more dangerous to international economies then ever imagined.

It is not just computers in offices that are at risk, with the increase of available information on tablet and Android smart phones, these are also becoming a major target for malware and hacking especially with the proliferation of apps from banks which allow for the payment of goods and services.