FBI Warns of Ransomware Attacks on American Law Firms

By Netvora Tech News

---

The FBI has issued a warning about a surge in ransomware attacks targeting American law firms, with hackers using social engineering tactics to steal sensitive information. The attacks have been particularly effective, leading to multiple compromises, according to the FBI.

Ransomware Attack Methods

The hackers use a combination of phishing emails and phone calls to compromise the law firms' systems. In the initial stage, they send "callback phishing" emails to targets, purporting to be from a subscription service provider. To cancel the subscription, the recipient is instructed to call a provided phone number, where the hacker then guides the target to download remote access software, allowing them to take control of the firm's system.

In a new tactic introduced since March, the hackers have begun calling targets, claiming to be IT department employees. They use social engineering to convince the target to grant them access to the system. The hackers then use software like WinSCP or Rclone to steal data, or in cases where the compromised system lacks admin rights, they use WinSCP Portable to exfiltrate data.

FBI Recommendations

The FBI has issued several recommendations to prevent these attacks, including training personnel, developing policies, and communicating with employees about authenticating IT personnel within the organization.

• Train personnel on social engineering tactics and phishing emails.
• Develop policies and procedures for handling IT personnel authentication.
• Communicate with employees about the importance of verifying IT personnel within the organization.

The FBI's warning highlights the need for law firms to prioritize cybersecurity and employee education to prevent these types of attacks. By taking proactive measures, firms can minimize the risk of compromise and protect sensitive information.