Brett Slater Solicitors Targeted by Akira Ransomware Group
Incident Date:
May 28, 2024
Overview
Title
Brett Slater Solicitors Targeted by Akira Ransomware Group
Victim
Brett Slater Solicitors
Attacker
Akira
Location
First Reported
May 28, 2024
Ransomware Attack on Brett Slater Solicitors
Company Overview
Brett Slater Solicitors is a renowned immigration law firm based in Sydney, Australia. The firm specializes in providing immigration legal services, including visa applications, permanent residency, and citizenship. With over 30 years of experience, the firm has established a reputation for its high success rate of 98.9% in handling immigration cases.
Company Size and Standout
Operating with a team of experienced solicitors and registered migration agents, led by Principal Solicitor Abraham Ishkhanian, Brett Slater Solicitors stands out for its exceptional success rate and a comprehensive range of immigration services. These services include business visas, skilled visas, family visas, and appeals.
Company Vulnerabilities
As a law firm dealing with sensitive legal and personal information, Brett Slater Solicitors is a prime target for threat actors like the Akira ransomware group. The firm's extensive database of client documents, court records, and other confidential data makes it an attractive target for ransomware attacks.
Ransomware Attack Overview
The Akira ransomware group recently targeted Brett Slater Solicitors, leaking sensitive data including personal documents of clients from various countries, court records, and other confidential information. The group's ransom note indicated their intent to expose the firm's data unless a ransom is paid.
Ransomware Group Profile
Akira is a rapidly growing ransomware family that has been targeting businesses across different sectors, including legal services. Known for its double extortion tactics, Akira steals data before encrypting systems and demands a ransom for decryption and data deletion. The group's unique dark web leak site and evolving tactics make them a significant threat in the cybersecurity landscape.
Possible Penetration Points
Akira could have penetrated Brett Slater Solicitors' systems through unauthorized access to VPNs, credential theft, or deploying a backdoor. The group's use of tools like RClone, FileZilla, and WinSCP for data exfiltration indicates a sophisticated approach to breaching networks and compromising sensitive data.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.