Chinese Hackers Use Canadian Law Firms as Backdoor to Client

Hackers operating behind Chinese IP addresses reportedly compromised seven Canadian law firms and the Canadian Finance Ministry and Treasury Board in an attempt to disrupt the high-profile acquisition of the Potash Corporation of Saskatchewan by the Australian mining giant BHP Billiton Ltd.

Hackers operating behind Chinese IP addresses reportedly compromised seven Canadian law firms and the Canadian Finance Ministry and Treasury Board in an attempt to disrupt the high-profile acquisition of the Potash Corporation of Saskatchewan by the Australian mining giant BHP Billiton Ltd.

According to a report from Bloomberg, the law firms in question had been handling the acquisition deal, which eventually fell through for reportedly unrelated reasons.

The attacks reportedly spanned a few months in and around September 2010.

Bloomberg claims that an investigation into the attacks revealed a plot by the Chinese to derail the takeover as part of the larger, global competition for natural resources. Daniel Tobok, president of Digital Wyzdom (the security company hired to investigate the intrusions), told Bloomberg that the information likely purloined in the attacks can be worth tens of millions of dollars and, perhaps more importantly, can give those who stole it an unfair advantage in deal negotiations.

This isn’t the first time hackers have attempted to compromise law-firms as a backdoor into their intended target. In fact, as the usual victims of industrial and economic espionage increase their security budgets, a trend seems to emerging whereby cybercriminals attack softer targets that aren’t as well equipped or experienced in dealing with cyberattacks. The report cites the Virginia-based IT security company, Mandiant, in claiming that as many as 80 law firms may have been targeted under similar circumstances in the U.S. last year.

Nor is this the first time oil companies have been targeted in espionage campaigns. As far back as 2010, Marathon Oil, ExxonMobil, and ConocoPhillips were all hit by cyberattacks in which China was widely speculated to be the responsible party, and as recently as a month ago, Executives for some of the world’s largest oil companies claimed that attacks against their companies were happening more frequently.

You can read the entire Bloomberg report here.

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.