Hacker Gang Files SEC Report Against Their Own Victim
Cites Company’s Failure to Report Ransomware Attack It Perpetrated
Turns out, crossing paths with a BlackCat really does bring misfortune!
In a recent, bizarre turn of events, the notorious BlackCat ransomware gang has played a twisted game with the U.S. Securities and Exchange Commission (SEC). Just as the ink was drying on the SEC’s new regulations aimed at enhancing transparency in the face of rampant cybercrimes, BlackCat, in a move of unbelievable gall, filed a complaint with the SEC against its own victim, MeridianLink.
MeridianLink, a major player in financial software, fell prey to this cybercriminal group’s attack in early November 2023. Soon after the attack, in a highly unconventional move, the hackers escalated the situation by filing a complaint with the SEC, effectively tattling on their own cybercrime. This bold action sent shockwaves through MeridianLink’s investors and government watchdogs, highlighting a new, nightmarish scenario in the cybersecurity landscape.
The SEC, traditionally the watchdog keeping companies honest, recently implemented new rules following a series of unreported significant data breaches. These rules require publicly traded companies to disclose substantial data breaches within four days of occurrence. This decision, while aimed at protecting the economy, has put companies in a tight spot. Daily hacking incidents, the complexities in identifying breaches, and the adverse consequences of disclosing them—including reputational harm, legal liabilities, and enhanced scrutiny—have companies on edge.
On November 7th, after stealing data from MeridianLink, BlackCat threatened the company with a massive data leak if their ransom demands weren’t met within 24 hours. When MeridianLink failed to comply, the group didn’t just threaten further; they filed a complaint against the company with the SEC for not adhering to the new four-day rule for reporting cyber incidents.
Clearly, this unintended consequence of the SEC ruling illustrates a perplexing blend of criminal audacity and legal manipulation. It’s a cyberattack with a legal twist, reshaping the landscape of corporate disclosure and redefining the rules of digital extortion.
Whistleblowers have always been pivotal in exposing corruption, often facing dire consequences for their bravery. Figures like Daniel Ellsberg, Frank Serpico, and Erin Brockovich are testament to the value and risks associated with whistleblowing. Recognizing this, the U.S. has established substantial rewards for insiders exposing major corporate or governmental corruption.
However, BlackCat’s situation is a conundrum. While they have technically blown the whistle on a cybersecurity breach, they are also the perpetrators of the crime. This raises complex ethical questions, akin to historical cases where criminals have played roles in exposing larger crimes, like Sammy ‘the Bull’ Gravano’s testimony against John Gotti.
BlackCat’s actions, while far from the noble intentions of traditional whistleblowers, have exposed a critical vulnerability in the new SEC cyber regulations. They have shown that these rules can be manipulated by cybercriminals to further their agenda.
This incident underscores that the fight against cybercrime demands a sophisticated approach, blending vigilance, adaptability, and a deep understanding of the complex legal and ethical landscapes that define today’s digital world.
Cyber Defense Advisors specializes in providing such comprehensive security solutions. We not only focus on the technological aspects of cyber defense but also guide companies through the intricate legal and regulatory frameworks, ensuring organizations are well-prepared and resilient against the ever-evolving tactics of cybercriminals.
Contact Cyber Defense Advisors with questions on how to enhance your security and improve your technology.