U.S. v. Hong et al, U.S. District Court, Southern District of New York, No. 16-cr-360

IBM estimates that businesses are attacked online an average of 16,856 times per year or 46 attacks per business per day. Of these, about two hackers are able to successfully slip through firewalls and past antivirus software in any given week.

cybersecurityMotives for these corporate cyber attacks typically fall into one of three categories: ideological, revenge-based or financial gain. The majority are financially driven.

In the case of U.S. v Hong et al, the motivation was clearly financial. Three Chinese citizens have been charged with trading on confidential corporate information which they obtained by hacking into law firms’ computer networks and targeting partners working on mergers and acquisitions. Their known gain was upwards of four million dollars.

In the words of U.S. Attorney Preet Bharara, “This case of cyber meets securities fraud should serve as a wake-up call for law firms around the world: you are and will be targets of cyber hacking, because you have information valuable to would-be criminals.”

Perimeter defenses, intrusion detection and other state-of-the-art software and network tools are eventually going to be common place at law firms of all sizes. Even when they are, some very simple protocols will help to prevent this type of exfiltration of sensitive client M&A/securities data. And the good news is that these protocols can be instituted now.

Here are a few of them:

  • Train employees on recognizing email phishing.
  • Develop a “bring-your-own-device” policy that reduces opportunities for hackers to move from employee devices to the law firm’s networks.
  • Control and monitor ports.
  • Issue travel devices for those making the trip to work in China. Recycle the travel devices upon their return. Do not have employees use the devices that they customarily use in the US while they are in China.
  • Call us.

 

 

Industries Served

  • Advertising
  • Aerospace and Defense
  • Airline and Travel
  • Arts, Entertainment & Recreation
  • Automotive
  • Biotechnology
  • Construction
  • Corporate Security
  • Electronics
  • Energy
  • Financial Services
  • Government
  • Healthcare
  • High Technology
  • Insurance
  • Investment Management
  • Manufacturing
  • National Security and International Affairs
  • Pharmaceuticals
  • Professional Sports
  • Publishing
  • Real Estate
  • Telecommunications
  • Transportation and Warehousing