Sensitive data
Cyber attack: hackers target lawyers
A new hacker group called "Helldown Leaks" is targeting notaries, lawyers and legal departments. However, it is targeting their software providers.
Online attacks do not always have to target individuals and companies directly. Sometimes cyber criminals sneak into companies' systems indirectly. This is what happened in a perfidious case discovered by "Krone" cyber expert Dr. Cornelius Granig.
A list of stolen data records, captured from ten victims, recently appeared on the darknet. An unknown hacker group called "Helldown Leaks" is responsible for this. The first name on the list immediately sounded familiar to the security specialist. It is a company based in Vienna, which claims to be one of the leading providers of software for the legal sector.
Up to 15,000 people affected by data leak?
Which means that its 1250 customers and 15,000 users include a number of local lawyers, notaries and corporate legal departments. All of whom are likely to have highly sensitive data on clients, procedures and contracts. What was stolen in the attack and to what extent professional secrets are affected is still unknown.
Lawyers and notaries are the target of many criminal attacks and, as holders of professional secrets, must be particularly vigilant to ensure that their sensitive data does not fall into the wrong hands.
Dr. Cornelius Granig ist der Cybersecurity- Experte der „Krone“.
The industry has so far kept a low profile about the attack. However, there is talk behind closed doors that nervousness is growing. A few months ago, a renowned Viennese business lawyer was reportedly the target of another hacker collective. Most of the time, the only aim of publishing the data records is to extort a ransom from the hacked company. Otherwise, it is often said, the data is offered for sale or posted online.
"The question is whether the perpetrators attacked by chance or whether it was a commissioned act," says Granig. As suppliers and software providers are increasingly becoming targets, it is important to include a review of the digital supply chain in all security concepts.
This article has been automatically translated,
read the original article here.
Kommentare
Willkommen in unserer Community! Eingehende Beiträge werden geprüft und anschließend veröffentlicht. Bitte achten Sie auf Einhaltung unserer Netiquette und AGB. Für ausführliche Diskussionen steht Ihnen ebenso das krone.at-Forum zur Verfügung. Hier können Sie das Community-Team via unserer Melde- und Abhilfestelle kontaktieren.
User-Beiträge geben nicht notwendigerweise die Meinung des Betreibers/der Redaktion bzw. von Krone Multimedia (KMM) wieder. In diesem Sinne distanziert sich die Redaktion/der Betreiber von den Inhalten in diesem Diskussionsforum. KMM behält sich insbesondere vor, gegen geltendes Recht verstoßende, den guten Sitten oder der Netiquette widersprechende bzw. dem Ansehen von KMM zuwiderlaufende Beiträge zu löschen, diesbezüglichen Schadenersatz gegenüber dem betreffenden User geltend zu machen, die Nutzer-Daten zu Zwecken der Rechtsverfolgung zu verwenden und strafrechtlich relevante Beiträge zur Anzeige zu bringen (siehe auch AGB). Hier können Sie das Community-Team via unserer Melde- und Abhilfestelle kontaktieren.