Jaffe Raitt Heuer & Weiss, P.C. Suffers Ransomware Attack by Pandora Group

Jaffe Raitt Heuer & Weiss, P.C., a law firm with over 800 attorneys in eight primary Midwest markets, has been targeted by the ransomware group Pandora. The attack was announced on the group's dark web leak site. The firm operates in the Law Firms & Legal Services sector, which has been a frequent target for ransomware attacks in recent years.

Company Size and Industry Standout

Jaffe Raitt Heuer & Weiss, P.C. is a mid-sized law firm with a significant presence in the Midwest. The firm's size and reach make it a notable player in the legal industry, particularly in the areas of corporate law, litigation, and intellectual property.

Vulnerabilities and Threat Actors

Ransomware attacks on law firms have become increasingly common, with threat actors exploiting vulnerabilities in email systems and cloud-based collaboration platforms to gain initial access to the victim's network. In the case of Jaffe Raitt Heuer & Weiss, P.C., the attack was carried out by the Pandora group, which has been known to target a wide range of industries, including law firms.

The Maze ransomware, which is often used by the Pandora group, typically involves the following steps:

1. Infiltration: The attackers gain access to the victim's network, often through email attachments or misconfigured platforms.
2. Encryption: Once inside, the attackers encrypt the victim's data, making it inaccessible without a decryption key.
3. Extortion: The attackers demand a ransom in exchange for the decryption key or threaten to release the encrypted data to the public.

In the case of Jaffe Raitt Heuer & Weiss, P.C., the firm's data was exfiltrated before encryption, which is a newer tactic used by ransomware groups to increase the pressure on victims to pay the ransom.

Mitigation Strategies

To mitigate the risk of ransomware attacks, law firms and other organizations should focus on proactive prevention measures, such as:

• Staying informed about the latest threats and vulnerabilities.
• Training employees on email security and safe browsing practices.
• Implementing robust security controls, such as data encryption and cloud-based software updates.
• Following the principle of least privilege, granting access to data and administrative tools only to those who need it.

By taking these steps, organizations can reduce their vulnerability to ransomware attacks and better protect their sensitive data.

Sources

• Jeff Kosc on LinkedIn: Taft Completes Merger With Jaffe Raitt Heuer & Weiss, P.C.
• Ransomware Attacks Hit Three Law Firms in Last 24 Hours - LawSites: https://www.lawsitesblog.com/2020/02/ransomware-attacks-hit-three-law-firms-in-last-24-hours.html
• The Ransomware Epidemic: Criminals Taking Advantage of Those Working from Home, Including Lawyers and Media Companies - American Bar Association: https://www.americanbar.org/groups/law_practice/publications/law_practice_magazine/2020/jf20/maher/
• Maze Ransomware Hits Law Firms Hard - Logikcull: https://www.logikcull.com/blog/maze-ransomware-law-firm
• The Top 10 Legal Industry Cyber Attacks - Arctic Wolf: https://arcticwolf.com/resources/blog/the-top-10-legal-industry-cyber-attacks