Anonymous ID: cc7ce4 Jan. 8, 2019, 12:55 p.m. No.4665535   🗄️.is 🔗kun   >>5559

If there's nothing in the Dark Overlord insurance files, then why are they a threat?

 

http://www.liveinsurancenews.com/dark-overlord-may-prove-to-be-the-insurance-industrys-biggest-threat/8546248/

 

Dark Overlord is the name of an individual or group behind what may be a massive cyberattack on insurance companies. Dark Overlord claims to have stolen files connected with the insurance filings made as a result of the terror attacks of September 11, 2001.

 

If this is the case, Dark Overlord may have achieved the largest ever hack into the insurance industry.

According to a Forbes report, Dark Overlord is seeking Bitcoin payments in exchange for the data’s return.

 

The stolen 9/11 insurance claim data was allegedly stolen from an insurance company that remained unnamed but that worked in conjunction with major insurers including Lloyd’s of London and Hiscox.

 

At first, the hacker(s) stated their intention for using the data to reignite fears regarding 9/11 conspiracy theories. However, the Forbes report said Dark Overlord informed the newspaper that “We’re doing this to fuel our Bitcoin wallets.” The hacker has been behind several attempts at extortion, including a 2017 hack of one of the studios working for Netflix. It has also conducted cyberattacks against a range of other businesses in the months after that attack.

 

Dark Overlord released a few of the stolen documents as a teaser shortly after their announcement.

Anonymous ID: cc7ce4 Jan. 8, 2019, 12:57 p.m. No.4665559   🗄️.is 🔗kun   >>5575

>>4665535

Lawfag says, nothing to see here. Compliant baker puts it in notables (not current baker)

 

Take note.

 

https://www.law.com/americanlawyer/2019/01/07/dark-overlord-hack-shows-mounting-cyber-risks-for-law-firms/

 

Leaders of those law firms are all likely scratching their heads about how to handle a recent announcement from a nebulous hacker entity calling itself the Dark Overlord, which claims to be in possession of 18,000 legal and insurance documents pertaining to the court fight.

How the Dark Overlord obtained the material is still unclear. It says it hacked insurers Hiscox and Lloyd’s of London, as well as World Trade Center owner Silverstein Properties. Hiscox, meanwhile, has pinned the breach on an unidentified “specialist” law firm that advised it and other insurers, as well as some of its commercial policyholders.

 

There might have been other points of access, which the Dark Overlord is keeping under wraps. Obviously, no one—including law firms, insurers or others in the mix—is owning up to the breach. ”That’s a reputational issue and a stance that they have to take,” said Tom Ricketts, executive director at Aon Professional Services. “There is no certainty as to where the Dark Overlord has obtained the materials.”

 

What’s clear is that the Dark Overlord does have some material. It has released over 45 documents, ranging from pleadings and opinions readily accessible from the federal court docket, invoices to clients, emails between parties in the litigation, to discovery material that’s marked confidential.

 

And the hacker is also open about its aims: it wants the law firms—along with insurers, investment banks, law enforcement agencies involved in the investigation into the attacks, and other parties with documents in the mix—to pay up in order to make sure the material doesn’t see the light of the day. At the same time, it says it’s offering the world—or more specifically terrorist groups like Al-Qaeda, ISIS, rival nation states like Russia and China and anyone else willing to pay—the “truth” about “one of the most recognisable incidents in recent history.”

 

Law Firms in the Crosshairs

In a sense, the Dark Overlord has fused the information-seizing-and-publicizing strategy pioneered by Wikileaks with the desire to cash in that’s at the core of traditional ransomware attacks, where hackers encrypt a target’s files and shut them out until they make a payment, usually via Bitcoin. In previous hacks, the hacker has targeted Netflix and other studios including ABC, HBO, and CBS, threatening to release episodes if the ransom isn’t paid.

 

Now, law firms are in the line of fire.

 

“Hackers often want to expose things of value to them or others, and this fits in the sad but predictable pattern of hackers doing just that,” said Crowell & Moring cybersecurity partner Paul Rosen, formerly chief of staff at the Department of Homeland Security and a federal prosecutor.

 

One obvious takeaway from the breach: Firms connected to the Sept. 11 litigation would be wise to undertake an immediate audit of their data systems, both to probe the possibility that they were a weak link exploited by the Dark Overlord and to forestall the prospect of future incursions.

 

But the Dark Overlord’s hack presents not just an immediate dilemma for firms connected to the Sept. 11 litigation, but a broader challenge for all law firms, which are in a unique position: Not only are they under an obligation to their clients to protect their confidential and sensitive materials, but they also rely on their own service providers, who might have their own vulnerabilities. Furthermore, the everyday business of lawyers involves sensitive communications with co-counsel, opposing counsel, third-party witnesses and law enforcement agencies.