Epiq Global, a large international law firm, has become the victim of a cyberattack with the use of ransomware. The company has shut down systems in 80 of its offices around the world.According to the statement of Epiq Global, which advises banks, large credit organizations and governments of different countries, the incident took place on February 29 this year.
“As part of our comprehensive incident response plan to contain the threat, we immediately shut down our systems around the world and began working with a third-party forensic investigation firm as part of an independent investigation. Our technical team works closely with world-class third-party experts to solve this problem and quickly return our systems to a safe state,” – said the company in a statement.
According to an informed source that wished to remain anonymous, computers at all 80 company headquarters around the world were infected with extortion software.
“Ransomware hit the organization’s entire fleet of computers across its 80 global offices. According to the internal order of the Epiq Global administration, company employees cannot visit offices without management approval. In offices, employees are advised not to connect devices to the network and turn off Wi-Fi on their laptops before reaching the parking lot near the office building”,- writes TechCrunch.
According to the source, corporate computers are running older versions of Windows, and “no updates have been installed anywhere“.
What extortion software is involved, the source does not specify.
According to Epiq Global, there is no evidence that the data was stolen. Epiq spokesperson Catherine Ostheimer also decided not to disclose the details of the ransomware, and did not provide percentage of the data or computers impacted by the attack.
Although ransomware typically infects computers, spreads, and encrypts files across a network in exchange for a ransom, some newer and more advanced ransomware families also exfiltrated corporate data before encrypting the files and threatened to publish the files unless a ransom is paid.
While the legal giant is hiding the details of the incident and the name of the ransomware, it is worth reading about the Sodinokibi malware, work of which specialists from the Danish provider KPN studied in details. Perhaps this particular ransomware is the cause of Epiq Global’s disasters.