Can’t say this comes as much as a surprise and we hope the law firms aren’t surprised. Because if they are, that means they have been extremely complacent.
Australia’s ABC reports
Chinese hackers are attacking Australian law firms that hold sensitive commercial information and have successfully hacked a research body, an industry specialist has warned.
Key points:
- Experts say threat of cyber espionage in the commercial world is high
- An Australian research and development body was targeted by Chinese hackers
- The origin of Chinese hackers remains unclear
The Chinese espionage group known as the Codoso team or APT-19 has been causing havoc internationally but is turning its attention to Australia.
The Australian Crime Commission’s former cyber security manager, Tim Wellsmore, said any information obtained would likely be passed to Chinese companies.
Law firms hold confidential information that could give the companies inside knowledge ahead of business negotiations, mergers and acquisitions.
In some cases, these firms are seen as weak links as they have not taken cyber security as seriously as some of their clients.
Mr Wellsmore, who is now head of threat intelligence at private security firm FireEye, said APT-19’s origins remained unclear.
“Sometimes it is tricky to understand whether they are sitting there in uniforms working directly for the Chinese Government, or if they are sponsored and given resources but operate outside the Government hierarchy,” he told the ABC.
“APT-19 is certainly acting in support of Chinese state interests but at this stage we have not been able to attribute them to serving members of the Chinese Government.”
FireEye observed at least seven phishing attacks directed at global law firms during May and June, some of which exploited vulnerabilities in Microsoft software.
A spokesman for the Department of the Prime Minister and Cabinet, which leads the Government’s response to cybercrime, said hackers knew there was a low risk of being identified.
“[We] advise organisations to always think about the value of their data, know who has access to their data, know where their data is stored and review the protections in place to best secure their data,” the spokesman said.
The department did not respond to questions about whether APT-19 had compromised any sensitive information.
More at http://www.abc.net.au/news/2017-12-01/chinese-hackers-targeting-australian-law-firms/9213520
