Why are Legal Firms on the radar of Cybercriminals?
Nothing sends a chill up a person’s spine more than thinking of having their personal information stolen. Legal firms serve every industry and size of client possible which puts them at incredibly high risk for cybercrime. Recently, hackers have been stepping up their efforts to break into the networks of law firms in the U.S. and abroad.
Because law firms handle such a wide variety of information, they have become very attractive targets for cyber criminals. Unfortunately, they are also considered soft targets because they often have far less resources dedicated to cyber-security.
Information from SurfWatch Labs states, “law firms are being targeted, particularly when it comes to personal information and sensitive data such as corporate documents, trade secrets, and correspondence that can be sold, traded, or used to gain a business advantage.”
In an article yesterday on legal website, Above the Law, it was noted that of the 15 most prestigious law firms in the U.S., 13 of them were recently targeted by Russian cyber-criminal “Oleras.” This lends credence to the belief that the biggest threats to law firms are not lone hackers, but rather organized crime cartels operating out of Eastern Europe and China.
These threats to the data security of law firms are coming from the usual tactics such as bogus emails. Spear phishing emails have been known to appear as if they come from high profile clients and if attachments are opened, malware is released. Ransomware like CryptoWall has also been sent in emails to law firms in Canada and the U.S.
The first step that Law Firms must take to combat their vulnerability is to understand that these threats are very real and could bring them and their clients to ruin. Then, they need to ensure their employees are well trained to recognize what the threats, such as fake emails, look like. After that, they must implement the appropriate security measures in order to protect their data.