ELSM Law Firm Suffers Ransomware Attack by Bianlian Group

The Bianlian ransomware group has claimed responsibility for an attack on the law firm Early, Lucarelli, Sweeney & Meisenkothen (ELSM), also known as ELSM Law Firm, which operates in the Law Firms & Legal Services sector. ELSM is a nationally recognized law firm with over 40 years of experience in handling asbestos litigation and has obtained nearly $5 billion in total settlements on behalf of their clients.

The attack on ELSM Law Firm is part of a broader trend of ransomware attacks targeting law firms. In 2021, the LockBit ransomware variant, which is associated with the Bianlian group, was responsible for attacks on multiple law firms, including those in the manufacturing, logistics, insurance, and other industries. The LockBit ransomware variant, like other major ransomware variants, operates in the "ransomware-as-a-service" (RaaS) model, where developers design the ransomware, recruit affiliates to deploy it, and maintain an online software dashboard to provide affiliates with the tools necessary to deploy the ransomware within the victim's computer system.

The Bianlian group's attack on ELSM Law Firm highlights the vulnerabilities of law firms to ransomware attacks. Law firms often handle sensitive client data, making them attractive targets for cybercriminals. Additionally, the legal industry has been identified as a top target for ransomware attacks, with several high-profile cases reported in recent years.

To mitigate the risks of ransomware attacks, law firms should implement robust cybersecurity measures, such as regular software updates, employee training, and data backups. They should also be prepared to respond to incidents effectively, including having a well-defined incident response plan and working closely with law enforcement and cybersecurity experts.

Sources

• Early, Lucarelli, Sweeney & Meisenkothen. (n.d.). Mesothelioma & Asbestos Lawyers | ELSM Law Firm. Retrieved April 10, 2024, from https://www.elslaw.com
• U.S. Department of Justice. (2024, February 20). U.S. and U.K. Disrupt LockBit Ransomware Variant. Retrieved April 10, 2024, from https://www.justice.gov/opa/pr/us-and-uk-disrupt-lockbit-ransomware-variant
• Arctic Wolf. (n.d.). The Top 10 Legal Industry Cyber Attacks - Arctic Wolf. Retrieved April 10, 2024, from https://arcticwolf.com/resources/blog/top-legal-industry-cyber-attacks/
• Cybersecurity and Infrastructure Security Agency. (n.d.). Ransomware 101 - CISA. Retrieved April 10, 2024, from https://www.cisa.gov/stopransomware/ransomware-101