Cybersecurity Services for Law Firms
Law firms are an increasingly tempting target for cyber criminals. In a report of its yearly survey of law firms, the American Bar Association reported that in 2019 more than a quarter of responding law firms experienced a security breach ranging from hacker activity to lost or stolen laptops.
Law firms typically hold large volumes of sensitive information about their practice, their employees, and their clients. Security breaches that expose this information to cyber criminals invite blackmail and other illicit acts such as insider trading. Beyond that, law firms are bound by rules of professional and ethical conduct as well as regulatory requirements to protect their clients’ data.
Here are some examples of cybersecurity attacks that impacted law firms:
A REvil (also known as Sodinokibi) ransomware attack on TrialWorks, a leading case management software company for law firms, shut down the TrialWorks platform, locking lawyers out of their case files for a number of days. Some law firms were forced to request courts to extend the deadline for filing documents supporting their cases.
A law firm in Washington D.C. was the victim of a GozNym malware attack that exposed sensitive information in its computer system. Cyber criminals gained unauthorized access to the law firm’s bank account, which ultimately resulted in a $76,178.12 loss to the firm.
A phishing ploy on the Jenner & Block law firm transmitted W-2 data for more than 850 employees to an unauthorized recipient, potentially exposing private addresses, Social Security numbers and salary information.
Cyber Threats
There are various types of schemes cyber criminals use to target law firms. Here are some that are frequently attempted.
Ransomware
Ransomware, such as REvil/Sodinokibi, is designed to block access to a computer system until a sum of money is paid. Individual law firms as well as software firms that provide services to law firms, such as TrialWorks, are under growing ransomware attack. Law firm clients and even court systems are targets. For instance, the Georgia Administrative Office of Courts was temporarily shut down by a ransomware attack in July 2019.
Phishing
Phishing is a fraudulent attempt to trick users into disclosing confidential information, typically by clicking a link in an email or by responding to a text or phone call. The successful phishing attempt at Jenner & Block is a prime example of the growing threat law firms face due to these ploys. Last year, nearly 80% of law firms reported phishing attempts. In particular, spear phishing attacks that target a particular individual in a law firm are growing dramatically.
Malware
Malware is any software intentionally designed to gain unauthorized access to or damage a computer, server, client, or computer network. Hackers trick users into unwittingly installing malware, often through an email attachment or by enticements such as free screensavers. Once inside a computer system, malware can steal information or damage the system. Attacks on law firms through a type of malware called a Trojan horse are particularly damaging. As mentioned previously, hackers used the Trojan horse GozNym to steal more than $76,000 from a Washington law firm. Once malware has exposed it, a law firm’s data can easily be used or modified.
Human Error
But perhaps the biggest cyber threat to law firms is human error. More than a third of all data breaches at law firms are caused by employee negligence. These exposures can range from losing a tablet or laptop holding client information, to inadvertently making the law firm’s private records public, to accidentally sending confidential material to an unauthorized individual. Employee negligence can put a law firm’s clients at risk and also greatly damage a firm’s reputation.
The Need for Services
The growing volume and sophistication of cyber attacks are making it difficult for law firms and their IT departments to devote the time and attention needed to counter these threats. In response, law firms are turning to service providers for assistance in some crucial areas, such as risk assessment, security plans and policies, and security awareness training.
Risk Assessment
A risk assessment determines what assets, such as sensitive client records, need to be protected and the threats that could expose them. A risk assessment should cover:
Where and how sensitive information is stored, who uses it, and how it is used
How email is used
How data is remotely accessed
What approaches are used to protect information
When and where mobile devices are used
Security providers can assist law firms in doing a comprehensive risk assessment and report on internal and external facing vulnerabilities.
Security Plans and Policies
Security plans and policies address security vulnerabilities and specify approaches to protect against and recover from security breaches. A good security plan should not only protect a law firm’s vital data from hackers and cyber criminals, but also protect against inadvertent data exposure from insiders.
Security providers can assist law firms in developing effective end-to-end plans and policies that combine proactive measures to protect against internal and external security threats, and responsive approaches that quickly recover vital records in case of a security breach.
Security Awareness Training
Security awareness training educates personnel about security policies and plans, and heightens their security awareness.
Security providers can implement training programs for law firms that educate employees about the firm's security policies and procedures, and also take advantage of technology to simulate malicious social engineering approaches such as phishing and spear phishing attacks.
How FirmGuardian Can Help
FirmGuardian can assist your law firm and IT team in every facet of a cyber security program, including:
Identifying and reporting cyber security vulnerabilities in your environment
Developing remediation strategies that mitigate against cyber security risk
Ensuring that appropriate cyber security policies and controls are in place
Implementing robust incident response approaches that limit the impact of cyber security breaches
Creating comprehensive security awareness training programs that empower employees to be the first line of defense against cyber crime
FirmGuardian offers a managed endpoint detection and response (managed EDR) approach to cyber security that combines 24/7 threat monitoring, incident response, and alert filtering. Managed EDR provides deep investigation, analysis, and validation of cyber threats through a combination of advanced analytics, threat intelligence, forensic data collection, and human expertise.
FirmGuardian works hand-in-hand with your IT team to protect your vital data and computer systems by leveraging the technology you’ve already invested in. It assists your firm in aligning with industry standards and best practices such as FINRA, HIPAA, and PCI DSS.