CNBC has reported that access to various law firms’ files and networks are being sold on the Dark Web. In one particular example, access to a New York City law firm was being sold for $3,500 and the individual or group offering access stated they could give screenshots as evidence of the break in.
According to Cybersecurity Service Provider Q6, beyond the New York one, law firms across the United States including multiple firms in Beverly Hills have access being advertised for sale on the Dark Web. The information in the specific New York example was identified on a Russian speaking Forum.
The popular credentials that are advertised on this site were mainly IT admin credentials with high privileges. These accounts appeared to go for the most money. Some of the value provided by these credentials is the ability to access multiple users’ email accounts to obtain sensitive information.
The sanitized screenshots provided by CNBC on where the information was being sold detailed a robust web platform that included support, a balance for purchases, and website sections such as “FAQ”, “Invoices” and “Settings.”
Proficio Threat Intelligence Recommendations:
- Employ additional controls around privileged users within the organization.
- Assess working with partners to perform dark web sweeps or dark web monitoring.
- Have a continuous monitoring program in place to detect suspicious access for public facing remote authentication services.
CNBC Article – Click Here