clop attacks DRC-LAW

Incident Date:

March 27, 2022

World map



clop attacks DRC-LAW






Los Angeles, USA

California, USA

First Reported

March 27, 2022

DRC-LAW Suffers Ransomware Attack by Clop Group

Overview of the Incident

The Clop ransomware group has claimed responsibility for an attack on DRC-LAW, a Colorado-based law firm. DRC-LAW, operating within the Law Firms & Legal Services sector, offers a comprehensive range of services including trust and estate planning, probate administration, litigation related to trusts and fiduciaries, elder law planning, non-profit and exempt organizations, general business law, and more. Despite the firm's extensive legal expertise and commitment to client care, details regarding the specific vulnerabilities exploited in the attack remain undisclosed.

The Nature of the Threat

Ransomware attacks, such as the one experienced by DRC-LAW, typically exploit weaknesses in software or hardware, or are delivered through phishing emails and malicious websites. The Clop ransomware group, active since at least 2020, has targeted over 2,000 systems worldwide, including significant attacks on the healthcare, manufacturing, and logistics sectors. These attacks not only demand ransom payments in cryptocurrencies but also pose a severe risk of laundering these funds to finance further malicious activities.

Implications for the Legal Sector

Law firms and legal service providers, due to the sensitive nature of the data they manage, are increasingly becoming targets for cybercriminals. The incident at DRC-LAW underscores the critical need for robust cybersecurity measures within the legal industry to safeguard against ransomware and other cyber threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.