“On Monday, New Year’s Eve, a hacker group announced it had breached a law firm handling cases related to the September 11 attacks, and threatened to publicly release a large cache of related internal files unless their ransom demands were met,” Motherboard reports of the lofty claims made by the group known as The Dark Overlord.
The outlet further details the hacker coalition:
The Dark Overlord, which has previously targeted a production studio working for Netflix, as well as a host of medical centres [sic] and private businesses across the United States. The announcement also signals a slight evolution in The Dark Overlord’s strategy, which has expanded on leveraging the media to exert pressure on victims, to now distributing its threats and stolen data in a wider fashion.
Company Confirms & Threats Made
From a document the group published on Pastebin:
But of course this can’t become public, for fear of compromising a nation’s security, so they temporarily release these materials to the solicitor firms involved in the litigation with the strict demand they’re destroyed after their use and that they remain highly protected and confidential to only be used behind closed doors. However, humans aren’t perfect and many of these documents don’t become destroyed, and when thedarkoverlord [sic] comes along hacking all these solicitor firms, investment banks, and global insurers, we stumble upon the juiciest secrets a government has to offer.
A spokesperson for Hiscox Group, an affected organization, confirmed to Motherboard that they had a security breach. “The law firm’s systems are not connected to Hiscox’s IT infrastructure and Hiscox’s own systems were unaffected by this incident. One of the cases the law firm handled for Hiscox and other insurers related to litigation arising from the events of 9/11, and we believe that information relating to this was stolen during that breach,” the official wrote on background in an email.
“Pay the fuck up, or we’re going to bury you with this. If you continue to fail us, we’ll escalate these releases by releasing the keys, each time a Layer [sic] is opened, a new wave of liability will fall upon you,” the group wrote in their extortion letter directed towards solicitor firms, politicians involved in cases involving 9/11, law enforcement involved in investigations, or any other entity involved in handling documents.
“Experts agree the material the Dark Overlord claims to have is not as game-changing as it seems,” Kate O’Flaherty of Forbes writes. “Ian Thornton-Trump, head of cybersecurity at Amtrust International, says this latest incident sounds like ‘cyber-criminal bravado,’” she continues. “The fact that the firms are named makes me want to believe they have refused to pay the ransoms, so this is a pressure tactic by The Dark Overlord to force the ransom issue,” Thornton-Trump later told O’Flaherty.
The Dark Overlord’s demand for Bitcoin is another case of hackers demanding cryptocurrency instead of fiat currency for extortion purposes. Of note, cryptocurrency isn’t to blame for the actions; however, the decentralized nature of the new technology makes it difficult to track.
The nature of the stolen documents and whether they are made public will determine how big of a story the security breach becomes. Either way, the incident serves as a reminder of the importance of data security in the modern digital age.