top of page
  • Good Harbor

Hackers demand ransom from A-list law firm: Richard Clarke on Sirius XM's and CNN's "Smerconish"

A previously unidentified hacking group, known as REvil, locked up the files of a law firm the group claims to represent President Donald Trump. With the group having threatened to post President Trump's "dirty laundry" on the Dark Web, Michael Smerconish interviewed Richard Clarke, Good Harbor Chairman & CEO and the country's first "Cyber Czar" in the White House. The Sirius XM Radio interview can be found here (Friday, May 16), and Clarke's appearance on CNN's "Smerconish" can be found here.

"Amidst a coronavirus pandemic, we have an epidemic of ransomware," Clarke said.

Alan Grubman, the nation's most sought-after entertainment lawyer, fell victim to the latter. Grubman, of the law firm Grubman Shire Meiselas & Sacks, LLP, had 756 gigabytes of confidential client records stolen and encrypted in a ransomware attack. REvil dumped several gigabytes of Lady Gaga's legal records on Thursday, May 15, and doubled its initial demand to $42 million after the law firm refused to pay, pledging to post Trump's documents if the firm fails to pay the new demand by Thursday, May 22.

What's to say that the cyber criminals will abstain from posting the stolen documents (if their threat is credible) if the law firm paid the demand? Clarke draws on his experience consulting for corporate victims of ransomware to suggest that such cyber adversaries tend to make credible threats, and honor their pledge to decrpyt hostage data if a ransom is paid, because "criminals have a reputation to maintain." He also addresses the public policy argument against meeting criminals' demands, which is that paid ransoms tend to fund further illicit activity, in cyberspace or otherwise.

Recent Posts

See All

The Long Game in Cybersecurity

Investor Asheem Chandna spoke with national security expert Richard Clarke, technology leader Nik Zur, and veteran CISO Phil Venables about what the next years will bring in cybersecurity: https://www


bottom of page