Grubman Shire hack: Global media attention grows

The world’s media has turned its attention to New York law firm Grubman Shire Meiselas & Sacks, which has been hit by a ransomware attack that is threatening to unveil confidential information about the firm’s A-list client base.

Reports naming the firm as the victim of a hack emerged on 8 May, with Australian publication IT Wire the first to report: “New York-based entertainment and media lawyers Grubman Shire Meiselas & Sacks has been hit by the Windows REvil ransomware, with a small amount of information released by the attackers and a lot more promised.”

Largely thanks to the firm’s famous roster of clients – which include Madonna, Lady Gaga and Sir Elton John – the ransomware attack has in the last few hours been picked up and reported by news outlets ranging from the BBC, to Variety and Rolling Stone.

The law firm has issued a statement saying: “We can confirm that we’ve been victimised by a cyber-attack. We have notified our clients and our staff. We have hired the world’s experts who specialise in this area, and we are working around the clock to address these matters.”

The attackers have posted a list of stars and companies that it says it will publish the contracts, telephone numbers, emails and personal correspondence for soon.

A screenshot allegedly of a Madonna contract has also been published on the dark web.

The company’s website is currently down, bar its logo. Attempts to contact the firm were not immediately successful.

Brett Callow, a threat analyst with cybersecurity company Emsisoft told us: “Cybercrime, and ransomware in particular, is becoming ever more problematic. We estimate that in 2019, ransomware attacks cost the US economy $9.2 billion, the US economy $1.8 billion and the global economy $169 billion. And $25 billion of the global total is going straight to criminal enterprises in the form of ransomware demands. The enormous financial incentive coupled with the fact there is a near-zero chance (there’s actually a 0.05% chance) of the perpetrators being prosecuted, means that attacks such as this will become more and more frequent and more and more sophisticated. “In the context of cyber security as a major global risk, the global community needs to recognize that there is a “stunning enforcement gap”, as a recent report by the Third Wayhighlights. Not only is the current wave of cybercrime largely unseen, but the chances of being successfully investigated and prosecuted for a cyber attack in the US are now estimated at 0.05%. This mirrors similar reports from around the world.“

Research released at the start of the year by Dutch telecommunications provider KPN showed that for 75 REvil samples that appeared to have infected multiple workstations inside a company’s network, the average ransom demand was $470,000 per company, and with many incidents passing the $1 million mark.