Singapore-based law firm Shook Lin & Bok was the victim of a ransomware attack in early April, as confirmed by the firm on May 2nd. The cyberattack was detected on April 9th, and by the early hours of April 10th, the firm had engaged a cybersecurity team and contained the breach. They announced that there was no evidence that the firm’s core document management systems, which store sensitive client data, were compromised during the incident.
In response to the attack, Shook Lin & Bok reportedly paid a ransom of $1.4 million in Bitcoin to the Akira ransomware group. This payment was made after negotiations brought down the initial demand from $2 million. The law firm has not publicly confirmed the payment, but details emerged from an article on SuspectFile, an independent site focusing on ransomware activities.
The Cyber Security Agency of Singapore (CSA) has been notified about the incident and has offered assistance to the law firm. The CSA, however, reiterated the government’s stance against paying ransoms. They warned that paying the ransom does not guarantee the recovery of data and might encourage criminals to continue their illicit activities. Additionally, they mentioned that paying the ransom could potentially mark the organization as a soft target for future attacks.
Despite the severity of the attack, Shook Lin & Bok has maintained its operational status and is working closely with cybersecurity specialists to minimize the impact on its clients and stakeholders. They have made a police report and affirmed that all actions taken in response to the intrusion are aimed at safeguarding their clients’ and stakeholders’ interests. This incident highlights the ongoing challenges and decisions firms face when dealing with sophisticated cyber threats and the pressures of ensuring client and stakeholder trust in the wake of such breaches.
