Ransomware-hit law firm secures High Court judgment against unknown criminals
You tell 'em, 4 New Square chambers
The London law firm which secured a court injunction forbidding ransomware criminals from publishing data stolen from them has now gone a step further – by securing a default judgment from the High Court.
4 New Square Ltd, a barristers' chambers, raised some amusement in cyber security circles in July when it applied for a High Court injunction in the wake of a ransomware infection. Yesterday the High Court ruled in the firm's favour by default, as the criminals had "not engaged with the proceedings and have not filed an Acknowledgement of Service or Defence."
Judge Mr Justice Nicklin went into five pages of legal detail setting out how the ransomware gang must "by 4pm on 27 September 2021 deliver up to the Claimants' solicitors and/or delete the Information in his possession, custody or control" and by 4 October give "details about whether he has passed any of the Information to a third party and identifying any said third party and their contact details."
Initially, a reader of the judgment might wonder if the power of the High Court of England and Wales compelled the crooks to 'fess up. Sadly, that wasn't the case.
It appears from the judgment [PDF] that all 4 New Square Chambers knows about its attackers is their email address, with legal correspondence being formally served on them through that mailbox.
The firm did not respond to requests for comment from The Register but potential reasons for bringing the case include an insurance payout depending on court action being started, or perhaps the firm hopes that one day the attackers will be identified and might travel through a country that allows enforcement of English judgments.
- Ransomware-hit law firm gets court order asking crooks not to publish the data they stole
- Cuffed: Ukraine police collar six Clop ransomware gang suspects in joint raids with South Korean cops
- Ransomware crims saying 'We'll burn your data if you get a negotiator' can't be legally paid off anyway
- When the bits hit the fan: What to do when ransomware strikes
In practical terms, a non-disclosure injunction is meaningless against criminals who are potentially based in a hostile foreign country, possibly Russia or another ex-Soviet Union nation.
Civil courts in England work on the principle that both sides either agree to take part or can have their bank accounts forcibly emptied if they don't play along. For the second option to work, the person or company needs to be within the court's jurisdiction.
Over recent years Russia has overtly turned a blind eye to ransomware gangs targeting the West from its turf, to the point where US president Joe Biden asked Russian leader Vladimir Putin to crack down on them. With the current state of Russo-Western international relations, however, Russia appeared to have paid lip service at best to Biden's pleas.
Law firms have not featured highly in information dumped online by ransomware gangs, bar a handful of high-profile cases. ®