Cyber Attacks: Kirkland and Paul Weiss Advise on Sophos/SecureWorks Merger


As cyber-attacks escalate worldwide, Sophos announced it will acquire SecureWorks for $859 million. The all-cash reverse triangular merger will combine the two cyber-security companies as they seek to harness AI in providing automated detection and prevention services to defeat advanced cyber threats. 

“Cyber risk continues to escalate, driven by a rampant cybercriminal ecosystem and global geopolitical pressures,” according to the deal’s press release. “Combined, Sophos and SecureWorks share a long history of having exceptional threat intelligence, security operations, incident response, and innovative security product capabilities that help organizations defeat these adversaries.”

Cyber-crime is big business. By 2025, these crimes are projected to cost the worldwide economy $10.5 trillion each year, which equates to $20 million per minute. The U.S. is the most prevalent victim of significant cyber-attacks worldwide. As the following graphic depicts, from 2006-2020, the U.S. received an average of 11 significant attacks per year – with “significant” defined as hacks into a nation’s government agencies and high technology companies, or attacks with losses over $1 million. 

Significant Cyber Attacks from 2006-2020

Source: Visual Capitalist

The most common types of attacks are Structured Query Language (SQL) Injection, man-in-the-middle, phishing, and denial of service attacks:

  • SQL injection: the hacker inserts malicious SQL code into the victim’s database in order to steal information;
  • Man-in-the-middle: the hacker accesses a communication between two parties to eavesdrop;
  • Phishing: the hacker poses as a legitimate institution to trick the victim into providing their log in credentials, credit card information, and other sensitive data;
  • Denial of service: the hacker floods the victim’s system with traffic to shut down their website or other services from use by legitimate parties

Cyber-crimes are spawn from a variety of motivations. Whether a hacker is seeking to steal money, get revenge on a former employer, or steal secrets, there is no shortage of bad actors. Leading up to last week’s election, hackers sought to aid their favored candidates. Iranian hackers stole sensitive information from the Trump campaign and sell it to Democrats.  Russian operatives sought to spread propaganda. Hackers linked to China hacked AT&T, Verizon, and Lumen Technologies in a plot uncovered by the FBI and the Cybersecurity and Infrastructure Security Agency.

Source: Statista

Sophos and SecureWorks pledge, “This acquisition represents a significant step forward in our commitment to building a safer digital future for all.” According to DealPulse’s M&A database, which harnesses both AI and attorneys to digest the granular deal points of publicly-announced transactions, Sophos is advised by law firm Kirkland & Ellis LLP and SecureWorks is advised by Paul, Weiss, Rifkind, Wharton & Garrison LLP.