Wednesday, December 28, 2016

U.S. Charges Three Chinese Traders With Hacking Law Firms

U.S. Charges Three Chinese Traders With Hacking Law Firms

Indictment says the traders bought shares of at least five publicly traded companies before announcements that the firms would be acquired

In one instance of the alleged deception, traders in 2015 bought stock in circuit manufacturer Altera after learning through emails from a law-firm partner that Intel was weighing an acquisition of the company.ENLARGE
In one instance of the alleged deception, traders in 2015 bought stock in circuit manufacturer Altera after learning through emails from a law-firm partner that Intel was weighing an acquisition of the company. PHOTO: JUSTIN SULLIVAN/GETTY IMAGES
Three Chinese traders earned more than $4 million in illegal profits after they hacked into the computer systems of prominent U.S. law firms and stole nonpublic information on mergers and acquisitions, according to a federal indictment unsealed on Tuesday.
The allegations are the latest alarm bell for law firms, which have long been considered vulnerable to cyberattacks.
The traders bought shares of at least five publicly traded companies, including drug and chip makers, before the firms announced the deals, according to an indictment from the Manhattan U.S. attorney’s office.
The traders learned about the deals by gaining access to email accounts of law-firm partners working on the transactions, the indictment said. Prosecutors said from April 2014 to late 2015, the traders took millions of documents from two law firms’ servers.
The Wall Street Journal reported in March that federal investigators were probing hacks of Cravath, Swaine & Moore LLP and Weil, Gotshal & Manges LLP, which represent Wall Street banks and Fortune 500 companies in matters including lawsuits and multibillion-dollar merger negotiations. While prosecutors didn’t identify the law firms, details in the indictment closely match Weil Gotshal and Cravath.
Spokeswomen for the two firms declined to comment.
The traders were identified as Iat Hong, 26 years old; Bo Zheng, 30; and Hung Chin, 50. Mr. Hong was arrested in Hong Kong on Sunday, prosecutors said, and law-enforcement officials are seeking to have him extradited to the U.S. Prosecutors didn't provide information on the whereabouts of the other two men.
It couldn’t be learned if the three traders had lawyers.
Manhattan U.S. Attorney Preet Bharara said the case “should serve as a wake-up call for law firms around the world: you are and will be targets of cyber hacking, because you have information valuable to would-be criminals.”
Law-firm partners, as advisers to corporations, are routinely privy to sensitive information and intellectual property that could be misused if stolen. The information taken from the two firms’ servers included client email attachments sent to the firms detailing the proposed purchase prices of pending deals, prosecutors said.
Five other law firms were targeted, prosecutors allege, though hackers weren’t able to access their networks. Prosecutors say those five firms were targeted by the defendants on more than 100,000 occasions between March and September 2015.
Prosecutors said the traders won access to the deals by installing malware on firms’ computer networks, which allowed them to download information from email accounts. The defendants compromised the accounts of an information-technology employee at each law firm, and then posed as the employees to gain access to the firms’ private networks and email servers, according to prosecutors.
As early as March 2014, Mr. Zheng emailed a presentation to Mr. Hong laying out how to make money trading on nonpublic deal information, according to a related civil lawsuit filed by the Securities and Exchange Commission against the Chinese traders.
It explained that “[t]he goal is to improve US stock operations and to seize the right time to buy and sell stocks.”
In one instance of the alleged deception detailed in court filings, the traders in 2015 bought stock in circuit manufacturer Altera Corp. after they learned through emails from a law-firm partner that Intel Corp. was weighing an acquisition of the company.
Weil Gotshal represented Intel on its $16.7 billion acquisition of Altera, announced in June 2015. The indictment lists “Law Firm-1” as counsel to Intel on the deal.
The defendants relied on confidential information to purchase Altera stock on more than two dozen occasions, prosecutors allege. When news of the pending merger broke in March 2015, Altera’s stock price rose by $9 a share. The traders sold their shares at a $1.4 million profit, according to the indictment.
In another of the allegedly illegal trades, the defendants made $841,000 buying and selling stock in e-commerce company Borderfree Inc., which was in the process of being acquired by Pitney Bowes Inc.
The indictment lists “Law Firm-2” as counsel to Pitney Bowes. Cravath announced in May 2015 that it was representing Pitney Bowes on its acquisition of Borderfree.
At times in April and May 2015, the traders were responsible for 25% of Borderfree’s overall trading volume, according to the SEC complaint. After the Pitney Bowes deal was announced, the smaller company’s stock more than doubled.
Still largely run as partnerships, law firms can lack the sophisticated infrastructure needed to implement the toughest cybersecurity systems, said John Reed Stark, a cybersecurity consultant and former Securities and Exchange Commission enforcement attorney who has advised law firms.
“Law firms are a virtual treasure trove for sensitive information that could be valuable,” said Mr. Stark. “And traditionally they have some of the weakest cybersecurity regimes and infrastructure.”
Spurred in part by demands from corporate clients, many law firms have taken steps to tighten security in recent years and have formed groups to share information on potential threats.
Matthew Fawcett, general counsel for data-management and storage company NetApp, said he is concerned about the cybersecurity and physical security of the outside law firms he hires. Mr. Fawcett said he routinely sees boxes of client files stacked in conference rooms unprotected.
“We don’t expect a firm to operate like the NSA, necessarily…but we want to make sure our confidential information is protected,” he said.