Here is a lesson to us all about the global reach and intent of internet hackers who have an interest in the information assets that we may hold for our own or clients’ interests. China-based hackers have homed in recently on the offices of Toronto’s Bay Street law firms handling a $40 billion acquisition of the world’s largest potash producer by an Australian mining giant. Bloomberg has a great article with all of the details, and outlines discussions undertaken by a group of law firms that got together recently to strategize protective and detective techniques.
The hackers in the Toronto case penetrated and combed through one computer network after another, hitting seven different law firms as well as Canada’s Finance Ministry and Treasury Board, seeking to gather detailed intelligence and potentially undermine the deal. A law firm involved in the deal detected intrusion indicators, including spoofed emails, malicious websites, and network disruptions. Investigators found spyware designed to capture confidential documents, compiled on a Chinese-language keyboard, and using servers in China involved in the attack.
The investigation linked the intrusions to a Chinese effort to kill the developing acquisition. Stolen data of this nature can be worth tens of millions of dollars to those involved on either side of the bargaining table, and gives the possesser an unfair advantage in negotiations. The deal eventually fell apart when the Canadian government declared it wasn’t in the nation’s interest, but the incident highlights the vulnerability of law firm information resources in particular, and the threat of loss of client trust and future business. Continue reading