Australian commercial law firm HWL Ebsworth has become a victim of a ransomware attack, with Russian-linked hackers claiming to have acquired client data and employee information. The ALPHV/Blackcat ransomware group published on its website last week that it had hacked 4TB of company data, including employee CVs, IDs, financial reports, accounting data, client documentation, credit card information, and a complete network map.
The group is known for targeting large organizations and operates as a “ransomware-as-a-service” product for hire. The news was first reported by the Australian Financial Review.
According to a recent study by cybersecurity firm Palo Alto Networks, Blackcat is among the top three ransomware groups targeting Australia. Professional and legal services are among the most targeted industries for such attacks, with Australia being the most targeted in the Asia-Pacific region, as stated in the Palo Alto study.
Sophos, a cybersecurity company, previously reported that the attackers broke into networks by exploiting vulnerabilities in unpatched or outdated firewall or virtual private network devices.
The Australian government has stepped up cybersecurity measures after last year’s cyber-attacks on Optus and Medibank, which included more resources for the Australian Federal Police and the appointment of a national cybersecurity coordinator. Clare O’Neil, the home affairs and cybersecurity minister, referred to groups acting for financial gain as “public enemy No. 1” in a speech earlier this month, adding that such groups represent a threat to the national economic life because every sector and business that can pay is a target.
Medibank refused to release the findings of an external Deloitte report into its hack last week, citing security concerns and saying it could put other companies at risk.
