The Oklahoma Bar Journal December 2022

the authenticity of the data with cybersecurity experts, including Scylla Intel, British defense con tractor BAE, U.S. cybersecurity firm Mandiant and technology companies LinkedIn, Microsoft and Google, who all analyzed the emails. Each of these firms confirmed the database showed hacking-for-hire activity from India by comparing it with pre viously gathered data on the hackers’ techniques. The teams at Mandiant, Google and LinkedIn found the spying activity was linked to three companies, all of whom were linked to Mr. Gupta. 8 “We assess with high confidence that this data set represents a good picture of the ongoing operations of Indian hack-for-hire firms,” said Shane Huntley, head of Google’s cyber threat analysis team. 9 WERE LAW FIRMS VERIFIED AS TARGETS OF THESE ATTACKS? Reuters sent requests for comment to each email address that was attacked and communi cated with more than 250 indi viduals. Most who responded said attempted hacks took place either before anticipated lawsuits or when litigation was ongoing. 10 The hackers tried to access the

DECEMBER 2022 | 25