back to article Ransomware-hit law firm gets court order asking crooks not to publish the data they stole

A barristers' chambers hit by a ransomware attack has responded by getting a court order demanding the criminals do not share stolen data. 4 New Square chambers, which counts IT dispute experts among its ranks, obtained a privacy injunction from the High Court at the end of June against "person or persons unknown" who were " …

  1. Dwarf Silver badge

    D'oh

    Its good to see that they understand the adversary..

    I wonder what they will do once they do publish the content that they stole ?

    1. Andy Non Silver badge

      Re: D'oh

      I say! They would never do such a thing, it just wouldn't be cricket!

    2. W.S.Gosset Silver badge

      "which counts IT dispute experts among its ranks"

      But not reality experts.

      So: "I wonder what they will do once they do publish the content that they stole ?" --> goggle at the inconceivable thought, at the very inversion of --irruption into-- their own private privileged little world. "Madness!" they will cry, before descending into it themselves.

    3. Jimmy2Cows Silver badge

      Re: D'oh

      Lawyers thinking like lawyers...?

      The bastards stole our data. Quick! File an injunction to prevent them disclosing the content!

  2. fredblogggs

    Such pessimism

    "While we would love to report that a civil court in London has achieved what criminal law enforcement agencies from the entire western world couldn't..."

    "Couldn't" is very different from "chose not to". All we have to do if we want this to stop (assuming that's really where the criminals are) is turn down all the Internet connectivity from those places and any other country (looking at you, China) who don't do the same. If they wish to remain connected, they will have no choice but to clean house. If not, they can look forward to becoming the 22nd century's Sentinel Island.

    Great option? No, not really. I don't think anyone is too excited about a geographically bifurcated Internet. But nothing else has borne fruit; diplomacy with rogue states is ineffective, law enforcement cooperation equally so, which means that unless someone has an appetite for war that's going to be the only option. I think I'm firmly in the majority preferring cutting off Internet access to rogue states and their sponsors over war. Let's get to it, then.

    1. Fonant

      Re: Such pessimism

      Hmmm... how would you define "rogue state", in a global sense?

      1. Cuddles Silver badge

        Re: Such pessimism

        Things were much easier during the Cold War, when rouge states were pretty good at identifiying themselves.

        1. Jimmy2Cows Silver badge
          Coat

          Re: rouge states

          By making themselves conveniently red?

  3. G R Goslin

    I suppose...

    ... it only goes to show how out of touch with reality, the legal profession really is. " I put it to you, Mr Burglar, that you should return the goods you stole from my client, and should reimberse him with the costs of repairing the damage that you inflicted on him, in the theft which you carried out."

    1. elsergiovolador Silver badge

      Re: I suppose...

      (pause) "or else"

      That'll do.

  4. Anonymous Coward
    Anonymous Coward

    Insurance

    Anybody know how insurance against this kind of thing works? Maybe there's an insurable risk against breach of the injunction or somesuch?

    1. Stoneshop Silver badge
      Holmes

      Re: Insurance

      Breach of the injunction means the Ransomists quite likely publishing data from past and ongoing cases, which all involved won't be very chuffed with. Never mind that for current cases that stuff will influence the case, and all this means not only damage to the law firm itself but also the parties they deal (and dealt) with.

      I don't think one can insure against that loss of reputation even if one can do so on a monetary level, which I doubt

  5. cornetman Silver badge

    It could be that they are looking to set up a situation where court sanctions, if the perpetrators were caught, would be more extreme, as in contempt-of-court for example.

    As the old adage goes, 'it is easier to gain forgiveness than it is to get permission', which is an imperfect fit I grant you.

    Of course that assumes that the crooks are in the same criminal jurisdiction.

    1. fredblogggs

      There's another possibility here, actually. Sometimes, court orders against foreign entities are enforceable against domestic entities controlled by the noncooperative foreign government. So if for example one could eventually prove that this harm was caused by people in East Twatistan, and East Twatistan's government refuses to act, the court may be able to enforce this judgment against any assets belonging to East Twatistan or corporations registered in East Twatistan provided those assets are located in the UK or some other place where the UK court has jurisdiction.

      This is probably a long shot, and it would obviously first require proving where the criminals are located. But it never hurts to obtain a judgment; the courts have very long memories and will enforce long-ago judgments if an opportunity arises. By the same logic, if the criminals *are* within the court's jurisdiction, the lawyers have set themselves up for success later on.

      While this may seem ridiculous, it's also pretty easy to see it as a zero-cost, zero-risk long-shot investment. Knowing lawyers, that's how they saw it too.

      1. nintendoeats Bronze badge

        I agree completely. It's all very funny to go "haha, look et zee loyers unt zer seelee games", but the reality is that people employ lawyers for a reason. They know the ins and outs, the risks and benefits. They don't care if we think it's dumb, clearly this was worth their effort to do and I expect they have a good reason (even if it is not the reason stated).

        1. Sam Crawley

          It could strengthen protection rom future potential use of the leaked data by third parties within the UK and territories with aligned legal data laws?

      2. Trigun Bronze badge

        This occurred to me as well and given the fact that they are not having to hire a lawyer (they are doing it themselves) then very low cost. It also proves they are trying to prevent the loss of the information (even if it is almost certain to make no difference) in any litigation aimed at them from any of their customers who's data may get revealed.

        1. John Brown (no body) Silver badge

          "This occurred to me as well and given the fact that they are not having to hire a lawyer (they are doing it themselves) then very low cost."

          You what? Of course they billed for the time! It'll be offset against their tax bill. No lawyer does ANYTHING for free :-)

          1. Chris Evans

            Not even lawyers have found a way to bill themselves with any financial benefit.

  6. mark l 2 Silver badge

    I suspect if the criminals get wind of the fact that these lawyers have obtained a ridiculous court order against them it will make it MORE likely they would release the data than if they hadn't done so.

    1. Anonymous Coward
      Anonymous Coward

      I would consider this a foregone conclusion regardless. One must assume that once this kind of information has been compromised, it is public knowledge. Even paying off the crooks doesn't guarantee they won't sell it on to someone else or just publish it anyway. So "pissing them off" isn't a consideration; they're criminals, you must assume they will do the worst.

      The point of this would be twofold: to demonstrate to their clients (whose information will leak) that they've done all they reasonably could to prevent that, and to establish grounds for eventual recovery should it prove possible to identify the perpetrators and any assets they may have subject to the court's jurisdiction.

      1. John Brown (no body) Silver badge

        "to demonstrate to their clients (whose information will leak) that they've done all they reasonably could to prevent that,"

        This. When it comes to arse covering, lawyers are the true masters of the art. Why else do you think that everything they state is an "opinion"? :-)

    2. Anonymous Coward
      Anonymous Coward

      I suspect the law firm know this will have no impact on the crims behaviour. It just means that when they do publish, they can be charged with something else if they are ever caught. Unlikely, but probably worth a shot. Plus, as others have commented already, it may make things easier to put pressure on overseas courts if the miscreants are located there.

  7. elsergiovolador Silver badge

    Wasted opportunity

    Court could also order people to be happy and respectful of each other.

  8. Anonymous Coward
    Anonymous Coward

    The naivete ..

    I bet this injunction is used to suppress reporting on the case.

    1. katrinab Silver badge
      Paris Hilton

      Re: The naivete ..

      They won't have gone for a superinjuction, because there is the possibility that the criminals read El-Reg, see this article, and decide on the strength of it not to publish the data.

      Not saying that all of these things are likely to happen, just explaining their throught process.

  9. revenant

    Is it really pointless?

    It would certainly be effective if the perps are actually UK-based, but even if not, it seems to also ensure that anyone in the UK who diseminates the information once it is released will be guilty of contempt-of-court. Which might be good enough, depending on what the information is.

  10. Anonymous Coward
    Anonymous Coward

    court order demanding the criminals do not share stolen data.

    - Or else what?

    - Or else we will be very, very angry with you... And we will write you a letter, telling you how angry we are.

  11. Anonymous Coward
    Anonymous Coward

    It is very difficult to see what effect, if any, a civil non-disclosure order will have

    Let me explain the cunning plan by means of a quote:

    "The Funniest Joke in the World" (also "Joke Warfare" and "Killer Joke") is a Monty Python comedy sketch revolving around a joke that is so funny that anyone who reads or hears it promptly dies from laughter.

  12. Barrie Shepherd

    I doubt if this will end well.

    It could easily could follow the Margaret Thatcher Spy Catcher legal mess - where the last Prime minister of Australia (Malcolm Turnbull) was the Lawyer who represented the plaintiff against the UK Official Secrets / D notices concerning an embarrassing publication - and ultimately won!

  13. Richard Boyce

    Streisand effect?

    I had never heard of 4 New Square before, but a lot more people have now.

    1. John Brown (no body) Silver badge

      Re: Streisand effect?

      It also emphasises the (lack of) imagination of Barristers when they name the business after the address of the office. They aren't the only chambers to do it.

  14. FozzyBear
    Pirate

    Person or persons unknown

    Not so much a legal move against the group running the ransomware. It is a move against anyone within the jurisdiction that reproduces, publishes or maybe even attempt to report on the incident.

    You upload any document, mention names (from their internal documents) in any media report, they now have the basis for the civil suit. You must now front court as the person or persons unknown breaching said order. Media would be in a real pickle, settle a sue ball in the millions (they're lawyers so give me all your money) or show the information was obtained via a third party and in publics interest as part of freedom of press.

    Don't , Can't or won't divulge how you obtained the information. Congratulations, your legal problems have just started as a felony investigation opened against you for computer related crimes

    1. amanfromMars 1 Silver badge

      Re: Person or persons unknown

      FozzyBear,

      If that be their thinking, in this crazy remote internetworking age, are their clients negligently servered with the most delinquent of secret and confidential security protections ...... and the chambers, 4 New Square, run the risk of being successfully sued by those aforementioned clients whose secrets and confidences they have lost to unknown others ..... and thus be their woes significantly compounded and highlighted ....... a double whammy of outrageous misfortune.

      And does Mrs Justice Steyn actually believe in these new leaky informative internetional times her going through the motions and issuing a court injunction against anonymous/Person or Persons Unknown has real merit as opposed to being recognised as a desperate act in defence of the indefensible and support of the inequitable? Is that Hubris I see before me, Yorick?

      The times they are a'changing and many more things than yet realised have already fundamentally and comprehensively been changed but that's perfectly normal and fully to be expected in both the spaces of radical evolutionary and/or rapid revolutionary progress.

  15. Aussie Doc Bronze badge
    Pint

    Yeah, okay.

    Crime boss: Release the Kraken, erm, data!!!

    Minion: But boss - they got a court order.

    Crime boss: Damn. Foiled again!

    <off to the pub to plan the next move>

  16. HandleyGill

    Not as foolish as you think…

    Obtaining a court order in the form of an interim injunction (I.e. on a pre-trial basis) allows them to serve it on 3rd parties, such as ISPs or social media platforms where links may be posted, to secure the removal of the material.

    1. WmK

      Re: Not as foolish as you think…

      I used to work for a law firm, and yes it's exactly this.

  17. spold

    The next thing you know....

    ...the ransomware crim organisations will be making data joins between the various stuff they have exfiltrated, and profiling you.... that would certainly increase its value.... oh wait, someone already thought have that one - social media. I see a business model convergence...

  18. YetAnotherJoeBlow Bronze badge

    This needs to end

    IMHO, the US needs to start chargiing the crooks under RICO. Then pressure Russia on all fronts with their allies using many different channels. When Russia suffers enough heat, they will hand them over or better yet, let Russia make the attackers disappear.

    If convicted, they will never see the light of day. I imagine once they are convicted, I think that with enough international pressure would go a long way to end this practice.

    On the other side of the coin, there needs to be a large penalty against companies that do not tighten up their security.

    If your data was stolen too, take the company to small claims court.

    One day, someone will be killed as a result of these attacks. I hope the US does not wait that long to go after the misfits.

  19. Greybeard_ITGuy
    FAIL

    Sort of like how...

    "gun control" laws will prevent the criminals from acquiring and using firearms.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021