Wednesday, September 30, 2015

Information Security News – Law Firm Hacked, Data Ransomed

In August, LegaltechNews noted: "Heightened Risk of Cyberattacks Puts Pressure on Law Firms to Bolster Defenses" --
  • "On a scale of one to 10, the risks law firms are facing are an 11, according to Daniel Solove, professor at George Washington Law School and organizer of the Privacy + Security Forum. Underscoring this urgency is data from Mandiant, a division of FireEye, which finds that 80 of the 100 biggest law firms in the U.S. have been hacked since 2011."
  • "Law firms have become a bigger target for cybercrime... Those sentiments have been echoed by the New York State Department of Financial Services (NYFDS) and others, which view law firms as a secondary access point for criminal activity due to the volume and sensitivity of data they deal with..."
Now comes a startling story posted in the Legal IT Network LinkedIn Group by a consultant: "Security incident in a law firm" --
  • "A few days ago one of the largest Polish law firms experienced a serious IT security breach. They were blackmailed then by hackers demanding ransom in BTC to stop publishing data stolen from the law firm servers. The hackers published 500 MB of sensitive data and threatened to expose further 100 GB if their demand is not met."
  • "The attack went through servers of IT company that delivered its services to the law firm. Lawyers from some other big law firms commented that they were also attacked, however the hackers failed to steal data."
See the full post for extensive community from that community, including a pointer to a 2013 Canadian article: "Law firms targeted in top 10 worst cyber attacks"

No comments:

Post a Comment