Zero-day lets nation-state spies cross-examine US law firm
In a statement, the firm said it "recently discovered a cybersecurity incident involving access to certain systems on our network," and that the attackers had "leveraged what is known as a zero-day attack." It added that, based on an investigation conducted with CrowdStrike, the threat actor was affiliated with a nation-state group "responsible for recent attacks on a number of law firms and companies."
Williams & Connolly stated that there was no evidence that confidential client data had been extracted from its databases, which store sensitive case files. Williams & Connolly added that it had "blocked the threat actor" and found "no evidence of any unauthorized traffic" remaining on its network. The breach is particularly sensitive given the firm's high-profile client roster, which includes Bill and Hillary Clinton, Theranos founder Elizabeth Holmes, and major players in the technology, healthcare, and media industries.
That aligns with a September advisory from Google's Threat Analysis Group and Mandiant, which warned that China-nexus threat clusters had been exploiting multiple zero-day vulnerabilities to infiltrate the US legal sector and gather intelligence on national security and international trade. According to Google, the attackers maintain long-term stealthy access to victim networks, averaging 393 days before detection, by planting custom malware on systems that don't typically run endpoint security tools, such as VPN appliances, VMware vCenter servers, and other edge devices.
Williams & Connolly experienced a cybersecurity incident in which attackers exploited a zero-day vulnerability to access certain systems and a handful of attorney email accounts. An investigation with CrowdStrike linked the threat actor to a nation-state cluster responsible for recent intrusions into law firms and companies. The firm reported no evidence that confidential client data was extracted and said it blocked the threat actor and found no remaining unauthorized network traffic. The breach involves high-profile clients. Security advisories note China-nexus clusters have exploited multiple zero-days to gain prolonged, stealthy access to legal-sector networks for intelligence gathering.
Read at The Register