The National Cyber Security Centre has issued its first legal threat report to law firms, showing that £11m of client cash has been stolen in cybercrime over the last 12 months, and that 60% of law firms reported an information security incident in the same period – an annual increase of 20%.
Handling huge amounts of confidential information on clients and deals, processing large amounts of funds, and negotiating highly sensitive mergers and acquisitions all add up to create a sector which is a prime target for cyber-criminals. The risk is even greater for law firms working with clients in controversial sectors, where political or ideological groups see opportunities to access information.
The introduction of GDPR, a move to delivering legal services digitally, and the increasing use of artificial intelligence only increase the risk, and that risk is not confined to large, high-profile firms either. Law firms of all sizes are vulnerable, from small sole practitioners up to international corporate law firms, and the results can be highly damaging, or even fatal.
The Mossack Fonseca data breach in 2016 saw the Panama-based law firm suffer a major attack and lose a massive 2.6 TB of data. This was subsequently traced back to IT security weaknesses, and led to the collapse of the business.
As IT partners to many of the region’s leading legal firms, our role is to help them to assess vulnerabilities and put a tailored backup, business continuity and disaster recovery strategy in place to protect not just themselves, but also their clients.
It is not a case of if an interruption will happen, it is a case of when.
The NCSC report details the four most common threats facing the legal sector:
Phishing. Usually done via email or text, this involves sending official-looking messages that encourage the user to click on a link. This is the most common type of attack on law firms.
Data breaches. These can come from outside and inside the organisation, and insider breaches can be accidental as well as malicious.
Ransomware. This is where a malicious piece of code is introduced into the system, encrypting data and paralysing the infrastructure so hackers can blackmail you into paying for the decryption key. Sadly, paying the ransom can often encourage hackers to see you as worth targeting again.
Supply chain compromises. Working with third-party partners, with whom you share data, opens you up to risk unless you are certain they have robust security in place.
While there are measures that your IT team can put in place to protect your business on all sides, remember that cybercrime is not just an IT issue. As a serious threat to every organisation, it is now a strategic risk management issue that should be discussed at boardroom level.
Cybercrime is constantly evolving and the best way to protect your business is to work with an expert IT security partner. Come along to one of our regular cyber-security events and hear from security professionals and ethical hackers about the topical issues, and how to avoid being the next victim of the cyber-criminals.