Law firm Williams & Connolly on Tuesday said that suspected nation-state hackers recently used a zero-day attack to break into email accounts belonging to a small number of attorneys.
The threat actor involved is believed to be the same one who has recently attacked other law firms and companies, Williams & Connolly said in a statement.
While the firm did not specify which nation-state it believes the hacker is affiliated with, The New York Times reported that sources have said it is China.
On September 24, Google Threat Intelligence Group and Mandiant reported that suspected “China-nexus threat clusters” have been leading a campaign which exploits zero-day vulnerabilities to target the U.S. legal sector and collect information “related to U.S. national security and international trade.”
The FBI’s Washington Field Office is investigating the incident, the Times reported. The FBI did not respond to a request for comment.
Williams & Connolly, which represents high-profile politicians including Bill and Hillary Clinton, said that it has “taken steps to block the threat actor” and has found no evidence that the attack is ongoing. It has hired cybersecurity company CrowdStrike to assist in its investigation.
The firm emphasized that it does not have evidence that confidential client data was taken from central databases where files are kept.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Suzanne Smalley
is a reporter covering privacy, disinformation and cybersecurity policy for The Record. She was previously a cybersecurity reporter at CyberScoop and Reuters. Earlier in her career Suzanne covered the Boston Police Department for the Boston Globe and two presidential campaign cycles for Newsweek. She lives in Washington with her husband and three children.
