An influential Australian law firm is attempting to use the long arm of the law to stop hackers from publishing its stolen information and block media from publishing leaked data.
The attackers – a Russian outfit known as Black Cat or AlphV – revealed it had stolen four terabytes of data from law firm HWL Ebsworth in April by publishing a Tweet stating that the firm had been added to its victim list.
According to media reports, the firm works for the Reserve Bank of Australia, Qatar Airlines and a number of government organisations.
The Sydney Morning Herald reported that news of a potential hack sent shockwaves through the nation’s legal fraternity, and that attackers were claiming to have posted some of the data on the dark web.
It is not known whether the firm had received a ransom note.
HWL Ebsworth this week managed to obtain an injunction from the Supreme Court of NSW in an attempt to legally prevent hackers from disclosing its stolen information.
The injunction will also prevent media from reporting any details about the data.
Svenson Barristers senior silk Rodney Barrett KC says the victim of stolen information may have a case to prevent its publication by the media through an injunction.
“Conceivably, it may even be unconscionable for the media to publish stolen information that is not confidential. All will depend on the circumstances of the case.”
However, the injunction to block cyber hackers has been dubbed ‘futile’ by Professor and Associate Dean (Computer and Security) in the School of Science, Paul Haskell-Dowland.
“A criminal group that engages in illegal acts to obtain confidential data that they then go on to ransom is not likely to be deterred by such action – they already know what they are doing is illegal,” Professor Haskell-Dowland told Information Age.
Some smaller, less experienced criminal groups may be influenced by threats of legal action, but most will shrug off the risks and may even react more aggressively and publish stolen data more readily to 'teach them a lesson', he says.
“The idea that the injunction will ‘prevent’ the criminals from posting more stolen data is unrealistic – they are posting illegally obtained data on websites beyond Australia’s authority,” Professor Haskell-Dowland says.
“The only prospect of addressing such publication will be through high-level international cooperation between law enforcement and governments to take down the websites hosting the content.
“This will likely be after publication, by which time the damage is already done,” he said.
However, HWL Ebsworth will be completely aware of this fact, he says.
“The injunction is more likely a warning shot to the media to keep quiet. This too is futile. Australian media companies generally avoid publishing any leaked data anyway.
“It will be the global media that is the bigger issue as, depending on local legislation, they will probably not be bound by any Australian injunction.
“It could potentially be argued that by taking this approach, they are opening themselves up to more scrutiny and that international media may well take more of an interest in the leaked data,” Haskell-Dowland said.
This latest breach is one of several large-scale data breaches impacting millions of Australians’ personal information, with a significant increase in the second half of 2022.
Thirty-three of the 40 breaches that affected over 5,000 Australians, as reported in the Notifiable Data Breaches report released in March this year, were the result of cyber security breaches.
Businesses need to be vigilant as large-scale compromises of personal information may lead to further attacks, Australian Information Commissioner Angelene Falk said.
“Organisations should take appropriate and proactive steps to protect against and respond to a range of cyber threats.
“They need to be on the front foot and have robust controls, such as fraud detection processes, in place to minimise the risk of further harm to individuals.”
Meanwhile, the government is reviewing the Privacy Act in an attempt to strengthen the Notifiable Data Breaches scheme.
It is currently seeking feedback on the 116 proposals in the report before deciding what further steps to take.
HWL Ebsworth did not respond to queries from Information Age about the injunction in time for publication.