Spear phishing scams and major hacking operations were some of the biggest news stories in 2016. Voter databases were hacked during the election and even a major transportation agency had a breach. Unfortunately, it doesn’t look like things will be slowing down in the new year. Just as we were leaving 2016 behind, three more major cybercrimes were uncovered.
Throughout 2014 and 2015, three Chinese hackers infiltrated the systems of seven New York law firms and gained access to confidential information. This data was then used for multiple insider trading deals. The three criminals made about $4 million from their efforts, and are now being charged with hacking and insider trading by the US Securities and Exchange Commission (SEC).
Chinese hackers made $4 million through insider trading deals after hacking and stealing information from NY law firms.
Although seven law firms associated with three different companies were involved, the same tactics were used in all of the breaches.
- Starts with a Spear Phishing Email: A hacker obtained login credentials from an individual at the firm, most likely through a spear phishing email.
- Malware: With this access, the hacker was able to install malware on the server, giving them full access to the email accounts of executives.
- Data Breach: With this malware installed, the hackers were able to sift through emails for confidential data for trade dealings.
These breaches were discovered using “enhanced trading surveillance and analysis capabilities” developed by the SEC in the last few years. The SEC is now freezing the assets of all three hackers, but this attack has shed light on just how catastrophic a breach like this can be.
Why did they target law firms?
“You are and will be the targets of cyber hacking, because you have information valuable to would-be criminals,” said Preet Bharara, U.S. Attorney for Manhattan.
It’s not just law firms that are targets. Any company that handles valuable or confidential information needs to have the proper security precautions in place.
In late December, the Washington Post reported that malware code previously associated with Russian hacking attempts had made its way onto a computer connected to the Vermont Utility grid. Although this statement was later revised to state that the code was discovered on a computer that was not directly connected to the grid, it still exposed a major vulnerability.
Russian hackers installed malware on a laptop after obtaining credentials through spear phishing