The Dark Overlord Ransoms 9/11 Files Showing How Law Firms Can be at Risk of Data Breach


The actions by the cybercriminal organization The Dark Overlord demonstrate how law firms need to take data security and cyber readiness seriously.

It started as a tweet (which has since been removed) on New Year’s Eve by known hacker group “Dark Overlord” who stated they had over 18,000 documents on 9/11 that they would leak unless UK insurer Hiscox paid a ransom.

The data allegedly comes from law firm that advised Hiscox with 9/11-related claims. That firm is said to have paid a ransom to the Dark Overlord, but because they also contacted law enforcement, Dark Overlord has switched from a ransom scheme to crowdfunding via Bitcoin.

Once 3 Bitcoin was paid, an initial set of documents – mostly related to insurance – were released. Dark Overlord promises to release more damaging documents over time as money is raised.

This breach shows how law firms can easily become a target. Cyber criminals do their homework, target individuals within the firm, use social engineering tactics and have relatively good success rates in infecting endpoints with malware or ransomware, furthering their grasp into the firm.

While no details on how the 9/11 documents were breached, it’s likely malware was successfully installed on at least one machine within the law firm, giving Dark Overlord access to the network and a means by which to hack into applications and systems containing the desired documents.

Law firms should consider tightening up security around systems, users, and applications that interact with the web. Endpoint protection, email and web scanning, patching, and Security Awareness Training all are viable parts of a layered security strategy designed to keep cybercriminals from gaining access to your network, your systems, and your data.

The International Legal Technology Association is the premier peer-driven association for technologists in the legal field. In their recent ILTA 2018 Technology Survey they said: 

"Although the number of firms reporting that they develop training content in-house jumped eight points on this survey, the number of firms developing security awareness content in particular has fallen 49 points over the last four years! The biggest winner in packaged security awareness content is KnowBe4, which jumped 15 points since last year and 35 points over four years."


We are thrilled to see our exponential growth in the legal profession! 

Request A Demo: Security Awareness Training

products-KB4SAT6-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Request A Demo



PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Topics: Ransomware

Subscribe To Our Blog

Ransomware Has Gone Nuclear Webinar

Get the latest about social engineering

Subscribe to CyberheistNews