Chinese state-sponsored hackers are suspected to be behind a series of cyberattacks in 2015, targeting US organisations, which reportedly resulted in critical data thefts. The attackers are believed to have accessed email accounts of senior employees at several US law firms and sent sensitive data to remote servers, according to a report.
One of the incidents involved hackers stealing over 7GB of data, in an attack that lasted for over 94 days, according to a report by Fortune. The hackers allegedly also repeatedly returned to the compromised firms' networks to search for new information. The data breaches are believed to have occurred at the height of the US-China cybersecurity tensions, following the high-profile OPM cyberattack.
The cyberattacks were first reported by the Wall Street Journal, which outlined that the networks of law firms such as Cravath Swaine & Moore and Weil Gotshal & Manges were targeted. However, according to the Fortune report, new evidence uncovered indicates that the scope of the attacks may be much larger than previously thought.
It is believed that alongside law firms, networks of a major airline company were also infiltrated by hackers, whose hacking modus operandi suggests a link with those employed by Chinese state-sponsored hackers. Additionally, high-profile law firms including Cleary Gottlieb; Mayer Brown; Latham & Watkins; Covington & Burling; Davis Polk & Wardell appear to have been targeted by the hackers.
The motive of the attacks and data theft still remains unclear. However, reports speculate that since information relating to intellectual property as well as mergers and acquisitions were targeted, the attacks might have had an economic motive.
Law enforcement agencies as well as victims of the cyberattacks have reportedly refrained from providing additional information and comment on the incidents, citing confidentiality. An investigation into the attacks launched earlier in the year by the US Attorney for the Southern District of New York is ongoing.
US law firms still appear to be in the crosshairs of cybercriminals, with renewed attempts allegedly having been made to hack networks using spear-phishing attacks. In late November, New York Attorney General Eric Schneiderman issued a statement warning of a new scam, which involved attackers contacting targeted victims posing as officials of his office. The malware-laced emails came with a malicious link that redirected victims to a site that infected systems.
China-based hackers have been suspected in several cyberespionage attacks on many countries. Earlier in the year, Australian authorities believe that hackers aimed to extract defence secrets by targeting government organisations.