Israeli Law Firm Prof. Bein & Co. Hit by BrainCipher Ransomware Attack
Prof. Bein & Co. Targeted by BrainCipher Ransomware Group
Prof. Bein & Co., a prominent law firm based in Israel, has recently fallen victim to a ransomware attack orchestrated by the BrainCipher group. The attackers claim to have accessed over 15 GB of the firm's organizational data and have threatened to publish it within 9-10 days. This incident underscores the growing vulnerability of law firms to cyber threats.
About Prof. Bein & Co.
Prof. Bein & Co. is a well-established law firm specializing in tax law and administrative law. The firm is recognized for its expertise in drafting professional opinions, negotiating with authorities, and representing clients before judicial instances. Led by Prof. Dan Bein, who has significant experience, including serving as Vice President of the Haifa District Court and Chairman of the Water Tribunal, the firm employs between 11 and 50 individuals. It is noted for its strong reputation in tax and administrative law, often cited in reputable legal rankings such as the Legal 500 and Dun's 100.
Attack Overview
The BrainCipher ransomware group has claimed responsibility for the attack on Prof. Bein & Co. via their dark web leak site. The attackers have posted sample screenshots of the stolen data to substantiate their claims. This breach highlights the increasing risk faced by law firms, which often handle sensitive and confidential information, making them attractive targets for cybercriminals.
About BrainCipher Ransomware Group
BrainCipher is a relatively new ransomware group that has quickly gained notoriety for its high-profile attacks. The group employs sophisticated techniques, including phishing and spear phishing, to deliver their ransomware payloads. They also rely on initial access brokers to infiltrate target environments. BrainCipher's ransomware is based on LockBit 3.0, utilizing a leaked version of the popular ransomware builder. The group is known for encrypting files and appending a distinctive file extension, as well as encrypting file names to increase the complexity of decryption.
Penetration and Vulnerabilities
While the specific method of penetration in the Prof. Bein & Co. attack has not been disclosed, it is likely that BrainCipher utilized phishing or spear phishing techniques to gain initial access. Law firms, including Prof. Bein & Co., are particularly vulnerable due to the sensitive nature of the data they handle and the potential for significant disruption to their operations. The firm's reliance on digital systems for managing client information and legal documents makes them a prime target for ransomware attacks.
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!