The FBI is investigating the theft of 18,000 documents related to the September 11 attacks on the World Trade Center by a hacking collective known as The Dark Overlord, according to FT, citing two people familiar with the matter.
Posting under the name “The Dark Overlord”, the hacker or hackers claimed on New Year’s Eve that they had taken emails and non-disclosure agreements relating to the 9/11 attacks that were sent and received by groups including insurers Hiscox and Lloyd’s of London and the law firm Blackwell Sanders Peper Martin, now called Husch Blackwell.
The Dark Overlord said it would sell the documents for bitcoin, inviting Isis, al-Qaeda and nation states to bid for them online. -FT
"Pay the fuck up, or we're going to bury you with this. If you continue to fail us, we'll escalate these releases by releasing the keys, each time a Layer is opened, a new wave of liability will fall upon you," reads the hacking group's demand letter.
"If you're one of the dozens of solicitor firms who was involved in the litigation, a politician who was involved in the case, a law enforcement agency who was involved in the investigations, a property management firm, an investment bank, a client of a client, a reference of a reference, a global insurer, or whoever else, you're welcome to contact our e-mail below and make a request to formally have your documents and materials withdrawn from any eventual public release of the materials. However, you'll be paying us," the note continues.
Images of some of the documents began circulating on Wednesday after the group released decryption keys, which appear to show communications related to the World Trade Center.
The FBI is one of multiple law-enforcement agencies who are now investigating the breach, according to FT. The Dark Overlord, meanwhile, says that it has been under investigation for years, and that it had also gathered other information from Lloyd's and Silverstein Properties - founded by former WTC owner Larry Silverstein.
Hiscox insurance said it became aware of the hack last April.
"The law firm’s systems are not connected to Hiscox’s IT infrastructure and Hiscox’s own systems were unaffected by this incident," said a Hiscox spokesperson. "One of the cases the law firm handled for Hiscox and other insurers related to litigation arising from the events of 9/11, and we believe that information relating to this was stolen during that breach."
"We will continue to work with law enforcement in both the UK and US on this matter," added the spokesperson.
The September 11 attacks cost the insurance industry the equivalent of $45bn in 2017 terms, according to the Insurance Information Institute, and led to years of litigation over who should bear the cost.
Both Hiscox and Lloyd’s have expanded heavily into cyber insurance in recent years, selling protection against the costs of dealing with cyber attacks.
Husch Blackwell said it had not been hacked: “Several documents bearing the letterhead of a predecessor law firm to Husch Blackwell were made public earlier this week by a cyber terrorist group,” the company said in a statement.
“After a thorough review Husch Blackwell can confirm that no documents were obtained from Husch Blackwell and that there was no unauthorised access to Husch Blackwell systems, client files, documents or data.” -FT
A spokesperson for Lloyd's said it had no evidence of a breach of their systems, and said in a statement "Lloyd’s will continue to monitor the situation closely, including working with managing agents targeted by the hacker group."
Silverstein Properties says that the company is investigating the claims, and that "e are aware of claims of alleged security breaches at firms involved in the five-year insurance litigation following the attacks of 9/11," adding "To date, we have found no evidence to support a security breach at our company. We have spent the last 17 years fulfilling our obligation to deliver a magnificent and fully rebuilt World Trade Center. We will not be distracted by 9/11 conspiracy theories."