The New York Times reports that federal prosecutors in Manhattan have charged three men, who are Chinese citizens, with making several million dollars by trading on information stolen by some of the top New York merger-advising law firms. At least seven firms were targeted, according to the article, in an attempt to obtain information about deals that were still in the works. The men successfully obtained the emails of partners who work on mergers at two firms, using the information to buy shares of the mentioned companies and then sold after the mergers happened.
Cyber Security + Fraud = Wake Up Call
The concern that hackers can and will breach the technology defenses of big law firms in search of confidential information related to corporate clients in order to turn a profit has been a long-time concern for federal authorities. This is despite most major law firms playing down the possibility of a threat posed by hacker and their reluctance to discuss any breaches or attempts thereof.
The U.S. attorney in Manhattan, Preet Bharara, said in a statement that law firms around the world “are and will be targets of cyber hacking” because the information these firms hold is valuable to criminals. The victimized law firms were not mentioned by name in the criminal indictment nor in a parallel civil complaint brought by the Securities & Exchange Commission. Security consultants in the field have noted that law firms are the “weakest link” when it comes to hacking.
The three men were aggressive in their pursuit of inside information. The NY Times noted that the indictment stated that from March to September of 2015 the three men attempted unauthorized access to the networks and servers of the targeted firms more than 100,000 times.
The Computer Fraud & Abuse Act (CFAA) is the primary guide when it comes to prosecuting computer crimes in federal hacking cases. Other federal statutes that are often used for computer-related legal issues include:
- Wiretap Act: Prohibits any person from making an illegal interception, disclosing, or using illegally intercepted materials and its application includes law enforcement; and
- Unlawful Access to Stored Communications: With a focus on protecting email and voicemail from unauthorized access.
Other relevant federal statutes include Identity Theft and Aggravated Identity Theft, Access Device Fraud, CAN-SPAM Act, Wire Fraud and Communication Interference. Beyond federal law, almost every state in the nation has its own computer crime statutes with its own prosecutorial system. It is not uncommon for states to work together with federal authorities if necessary during a prosecution.
Computer Crime Attorney
Computer crime laws cover a vast array of actions that destroy, or interfere with, the normal use and operation of a computer system. If you or someone you know believes they have been the victim of a computer crime, contact a knowledgeable attorney right away.