bianlian attacks Meisenkothen
Incident Date:
October 4, 2022
Overview
Title
bianlian attacks Meisenkothen
Victim
Meisenkothen
Attacker
Bianlian
Location
First Reported
October 4, 2022
ELSM Law Firm Suffers Ransomware Attack by Bianlian Group
The Bianlian ransomware group has claimed responsibility for an attack on the law firm Early, Lucarelli, Sweeney & Meisenkothen (ELSM), also known as ELSM Law Firm, which operates in the Law Firms & Legal Services sector. ELSM is a nationally recognized law firm with over 40 years of experience in handling asbestos litigation and has obtained nearly $5 billion in total settlements on behalf of their clients.
The attack on ELSM Law Firm is part of a broader trend of ransomware attacks targeting law firms. In 2021, the LockBit ransomware variant, which is associated with the Bianlian group, was responsible for attacks on multiple law firms, including those in the manufacturing, logistics, insurance, and other industries. The LockBit ransomware variant, like other major ransomware variants, operates in the "ransomware-as-a-service" (RaaS) model, where developers design the ransomware, recruit affiliates to deploy it, and maintain an online software dashboard to provide affiliates with the tools necessary to deploy the ransomware within the victim's computer system.
The Bianlian group's attack on ELSM Law Firm highlights the vulnerabilities of law firms to ransomware attacks. Law firms often handle sensitive client data, making them attractive targets for cybercriminals. Additionally, the legal industry has been identified as a top target for ransomware attacks, with several high-profile cases reported in recent years.
To mitigate the risks of ransomware attacks, law firms should implement robust cybersecurity measures, such as regular software updates, employee training, and data backups. They should also be prepared to respond to incidents effectively, including having a well-defined incident response plan and working closely with law enforcement and cybersecurity experts.
Sources
- Early, Lucarelli, Sweeney & Meisenkothen. (n.d.). Mesothelioma & Asbestos Lawyers | ELSM Law Firm. Retrieved April 10, 2024, from https://www.elslaw.com
- U.S. Department of Justice. (2024, February 20). U.S. and U.K. Disrupt LockBit Ransomware Variant. Retrieved April 10, 2024, from https://www.justice.gov/opa/pr/us-and-uk-disrupt-lockbit-ransomware-variant
- Arctic Wolf. (n.d.). The Top 10 Legal Industry Cyber Attacks - Arctic Wolf. Retrieved April 10, 2024, from https://arcticwolf.com/resources/blog/top-legal-industry-cyber-attacks/
- Cybersecurity and Infrastructure Security Agency. (n.d.). Ransomware 101 - CISA. Retrieved April 10, 2024, from https://www.cisa.gov/stopransomware/ransomware-101
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.