Brett Slater Solicitors Targeted by Akira Ransomware Group

Incident Date:

May 28, 2024

World map

Overview

Title

Brett Slater Solicitors Targeted by Akira Ransomware Group

Victim

Brett Slater Solicitors

Attacker

Akira

Location

North Sydney, Australia

, Australia

First Reported

May 28, 2024

Ransomware Attack on Brett Slater Solicitors

Company Overview

Brett Slater Solicitors is a renowned immigration law firm based in Sydney, Australia. The firm specializes in providing immigration legal services, including visa applications, permanent residency, and citizenship. With over 30 years of experience, the firm has established a reputation for its high success rate of 98.9% in handling immigration cases.

Company Size and Standout

Operating with a team of experienced solicitors and registered migration agents, led by Principal Solicitor Abraham Ishkhanian, Brett Slater Solicitors stands out for its exceptional success rate and a comprehensive range of immigration services. These services include business visas, skilled visas, family visas, and appeals.

Company Vulnerabilities

As a law firm dealing with sensitive legal and personal information, Brett Slater Solicitors is a prime target for threat actors like the Akira ransomware group. The firm's extensive database of client documents, court records, and other confidential data makes it an attractive target for ransomware attacks.

Ransomware Attack Overview

The Akira ransomware group recently targeted Brett Slater Solicitors, leaking sensitive data including personal documents of clients from various countries, court records, and other confidential information. The group's ransom note indicated their intent to expose the firm's data unless a ransom is paid.

Ransomware Group Profile

Akira is a rapidly growing ransomware family that has been targeting businesses across different sectors, including legal services. Known for its double extortion tactics, Akira steals data before encrypting systems and demands a ransom for decryption and data deletion. The group's unique dark web leak site and evolving tactics make them a significant threat in the cybersecurity landscape.

Possible Penetration Points

Akira could have penetrated Brett Slater Solicitors' systems through unauthorized access to VPNs, credential theft, or deploying a backdoor. The group's use of tools like RClone, FileZilla, and WinSCP for data exfiltration indicates a sophisticated approach to breaching networks and compromising sensitive data.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.