Fortune Report On The Great China Hack of US Law Firms

8 December 2016

Having been based in Hong Kong for most of the past decade we’d almost be surprised if this hadn’t happened.

A wake-up call for law firms worldwide

Fortune report….

A series of security breaches that struck prestigious law firms last year was more pervasive than reported and was carried out by people with ties to the Chinese government, according to evidence seen by Fortune.

The incidents involved hackers getting into the email accounts of partners at well-known firms, and then relaying messages and other data from the partners’ in-boxes to outside servers.

In the case of one firm, the attacks took place over a 94-day period starting in March of 2015, and resulted in the hackers stealing around seven gigabytes of data, according to information obtained by Fortune. That figure would typically amount to tens or hundreds of thousands of emails.

The information also revealed the thefts took place in one-hour increments, and that the hackers returned repeatedly in search of new information.

News of the law firm breaches surfaced earlier this year when the Wall Street Journal reported that hackers had penetrated the computer networks of Cravath Swaine & Moore, Weil Gotshal & Manges and other unidentified firms. The clients of these firms include many of the world’s biggest companies, and they are privy to sensitive corporate information. Cravath, for instance, is representing Time Warner in its merger plans with AT&T.

The Wall Street Journal’s account suggested the goal of the hackers was to obtain information to facilitate insider trading. Cravath at the time responded that it was not aware that any of the exposed information had been used improperly, while Weil declined comment.

The earlier news of the law firm breaches did not say who conducted the hacking, but Fortune has obtained reliable information that indicates the breach took place as part of a larger initiative by the Chinese government. This initiative also saw the hackers target big U.S. companies, including a major airline. The 2015 attack reflected familiar patterns of hacking employed by individuals with connections to the Chinese government, according to the information obtained by Fortune.

The evidence obtained by Fortune did not disclose a clear motive for the attack but did show the names of law firm partners targeted by the hackers. The practice areas of those partners include mergers and acquisitions and intellectual property, suggesting the goal of the email theft may indeed have been economic in nature.

Multiple sources in law enforcement and at the law firms declined to go on record for this story, but confirmed the role of China in the email hacking campaign. The sources did not wish to speak publicly in part because the events are the subject of a confidential investigation.

The office of the U.S. Attorney for the Southern District of New York launched the investigation earlier this year, and it is active and ongoing. A spokesperson for the office declined to comment.

An Uncomfortable Issue for Firms

The theft of the partner emails is a serious matter for law firms, which handle a wide variety of sensitive business issues and enjoy a reputation for confidentiality and discretion.

The targets were numerous. In addition to the ones named by the Journal, evidence also shows the hackers tried to target other prominent law firms, including Cleary Gottlieb; Mayer Brown; Latham & Watkins; Covington & Burling; Davis Polk & Wardwell. The hacking attempts did not always succeed as some firms rebuffed the attacks or prevented the attackers from removing any data.

Exclusive: China Stole Data From Major U.S. Law Firms