Jones
Day
acknowledged
that
an
“unauthorised
third
party
accessed
a
limited
number
of
dated
files
for
10
clients”
and
that
all
affected
clients
have
been
notified.
The
attackers
claimed
they
focused
on
the
head
of
the
firm’s
Federal
Circuit
team,
supposedly
referring
to
Greg
Castanias.
Jones
Day
declined
to
identify
the
clients
or
the
specific
files
involved,
displaying
the
kind
of
attention
to
secrecy
that
could’ve
avoided
this
whole
problem
to
begin
with.
The
attack
has
been
attributed
to
the
Silent
Ransom
Group,
also
known
as
Luna
Moth,
Chatty
Spider,
and
UNC3753
—
all
excellent
garage
band
names
for
anyone
in
the
market.
According
to
an
FBI
alert
last
May,
SRG
has
been
targeting
law
firms
specifically
since
2023.
But
that
was
before
the
federal
law
enforcement
agency
embarked
on
a
half-baked
loyalty
purge
and
reassigned
the
remaining
agents
to
rounding
up
roofers
and
threatening
people
for
making
fun
of
Trump
on
Instagram.
Today,
the
FBI
exists
mostly
as
a
luxury
travel
agent
for
Kash
Patel
to
slam
beers
with
hockey
players.
As
a
bulwark
against
cybercrime,
the
FBI
is
essentially
an
offensive
lineman
who
immediately
turns
around
and
yells
“incoming!”
at
the
quarterback.
SRG’s
M.O.
is
social
engineering
—
phishing
emails
and
phone
calls
impersonating
IT
staff
—
rather
than
sophisticated
zero-day
exploits.
They
don’t
even
really
employ
malware.
They
just
convince
someone
to
give
them
remote
access
and
then
walk
out
with
the
data
using
off-the-shelf
file
transfer
tools.
The
group
published
a
file
directory
and
screenshots
of
what
appear
to
be
negotiation
chats
between
SRG
and
Jones
Day
representatives.
According
to
reporting,
the
hackers
demanded
$13
million
to
keep
quiet
about
the
breach.
When
Jones
Day
didn’t
immediately
open
the
checkbook,
the
negotiations
broke
down.
The
group’s
final
message
—
from
a
negotiator
identifying
themselves
as
“Ammiel
Olsen”
—
warned
that
they
would
publish
all
the
data,
contact
every
employee
and
client,
and
resume
attacks
on
the
firm.
This
is
not
Jones
Day’s
first
time
at
the
breach
rodeo.
The
firm
was
among
several
companies
caught
up
in
a
2021
hack
of
the
Accellion
file
transfer
software,
which
resulted
in
client
data
—
including
prescription
drug
records
—
being
dumped
online.
So
when
we
talk
about
whether
firms
are
successfully
staying
ahead
of
the
cyber
threat,
here’s
a
firm
dealing
with
its
second
major
incident
in
five
years.
The
FBI’s
old
warning
about
SRG
noted
that
the
group
targets
law
firms
“likely
due
to
the
highly
sensitive
nature
of
legal
industry
data.”
Well,
that
and
the
fact
that
they
know
a
soft
target
when
they
see
one.
While
everyone
keeps
hyping
up
AI
well
beyond
its
actual
capabilities,
cybersecurity
remains
a
potentially
expensive
exposure.
It’s
unclear
if
SRG
followed
through
on
its
threat
to
renew
attacks.
But,
because
it’s
2026,
their
warning
message
to
the
firm
threw
in
that
the
reputational
damage
would
sting
even
more
“especially
after
being
exposed
in
the
Epstein
files
about
your
ties
with
child
predators.”
I
don’t
know.
It
kind
of
feels
like
being
exposed
in
the
Epstein
files
takes
the
sting
out
of
anything
else
a
hacking
group
could
throw.
Joe
Patrice is
a
senior
editor
at
Above
the
Law
and
co-host
of
Thinking
Like
A
Lawyer.
Feel
free
to email
any
tips,
questions,
or
comments.
Follow
him
on Twitter or
Bluesky
if
you’re
interested
in
law,
politics,
and
a
healthy
dose
of
college
sports
news.
Joe
also
serves
as
a
Managing
Director
at
RPN
Executive
Search.