The Irony of Law Leveraging in Cybercrime: The Case of Alphv and MeridianLink


Published on Nov 18, 2023   —   2 min read

In a remarkable twist of cybercrime tactics, the Alphv ransomware gang, also known as BlackCat, recently leveraged legal mechanisms to exert pressure on its victim, MeridianLink, a digital lending technology vendor. This maneuver exemplifies the ironic and evolving landscape of cybercrime, where perpetrators are now using the law as a tool against their targets.

A New Level of Extortion

The Alphv gang reportedly compromised MeridianLink before taking an unprecedented step: reporting the company to the U.S. Securities and Exchange Commission (SEC) for not disclosing the breach in a timely manner​​. This action comes in the context of the SEC's new four-day disclosure rule, intended to improve data breach reporting among U.S. organizations. Although these guidelines were not set to be enforced until December 2023, the Alphv group cited them in their complaint​​.

The irony in this situation is palpable. A criminal group, having illegally breached a company's security, is using legal compliance requirements to add pressure on their victim. This tactic is not just a breach of cybersecurity but also a manipulation of regulatory frameworks. MeridianLink was not legally obliged to report the incident in an 8-K filing as the new SEC rule regarding material data breaches was not yet in effect​​. This reveals the ransomware group's strategy of leveraging any available means, including legal and regulatory mechanisms, to intensify the distress on their target.

This case highlights a disturbing trend in cybercrime where the lines between legal compliance and criminal activity blur. It raises questions about how laws and regulations can be inadvertently used against victims of cybercrimes. The Alphv group's actions demonstrate a sophisticated understanding of legal processes and how they can be exploited for criminal gains.

Moreover, this incident underscores the need for companies to not only bolster their cybersecurity defenses but also to understand the legal landscape. As cybercriminals become more inventive, awareness of legal obligations and potential vulnerabilities in regulatory frameworks becomes crucial.

Looking forward, this case might set a precedent for other criminal groups to follow, potentially leading to a new dimension in cyber extortion tactics. It underscores the urgency for organizations to reevaluate their cybersecurity strategies, ensuring they are prepared not only for technological threats but also for legal and regulatory challenges posed by cybercriminals.

Closing Thoughts

The Alphv and MeridianLink incident is a reminder of the evolving nature of cyber threats. It showcases the ironic twist of criminals using the law as a weapon, a strategy that could redefine the landscape of cybercrime and legal compliance.

Furthermore, this trend underscores the need for lawmakers and regulators to consider the potential misuse of legal frameworks when crafting and implementing new laws. The balance between creating robust legal protections and not providing unintended tools for criminals is delicate and requires careful thought and foresight.

One must ponder, how might hackers use other laws in the future to further their criminal endeavors? This incident opens the door to a myriad of possibilities where cybercriminals could exploit various legal and regulatory frameworks. From privacy laws to international trade regulations, the scope for legal manipulation by these malicious actors is vast and troubling.

Share on Facebook Share on Linkedin Share on Twitter Send by email

Subscribe to the newsletter

Subscribe to the newsletter for the latest news and work updates straight to your inbox, every week.