Monday, January 30, 2017

Security: When Reality Mirrors Fiction


Yesterday we proposed a fictional "worst case" security breach scenario. Now comes the real-world lessons, examples and more.

"Feds bust Chinese hackers for trading on stolen law firm secrets" --
  • "Chinese hackers made more than $4 million by infiltrating the email servers of New York law firms to steal secret corporate merger plans they could trade on, according to U.S. authorities."
  • "According to the indictment, the suspects hacked inside information by infiltrating at least two unnamed law firms between April 2014 and late 2015."
  • "The hackers scoured the emails of law firm partners to discover stocks that were likely to soar because they were targeted in merger deals, including one tech company Intel would later acquire for $17 billion. The defendants then purchased shares of those companies, scoring over $4 million in illegal profits, authorities allege."
  • "Preet Bharara, the U.S. Attorney for the Southern District of New York, said the case should serve as a 'wake-up call for law firms around the world...You are and will be targets of cyber hacking, because you have information valuable to would-be criminals," Bharara said in a statement.
Next: "Data Security Not Top Concern For Firm Leaders, Report Finds" --
  • "The danger of data breaches and other technological security issues in the legal industry seems to be implicit given the rising demand for data-driven work and high-profile firm document leaks, but information security is not top of mind among firm leaders, according to a report issued on Wednesday."
  • "Through a joint effort by Novitex, a Connecticut-based provider of cloud-based document outsourcing solutions, and the Association of Legal Administrators, more than 800 legal managers were surveyed on their top concerns and challenges, and how they’re going about overcoming them. But despite a commonly perceived threat of “cybercriminals” to confidential legal work, most firm leaders put increasing profits and revenue and luring new clients well ahead of limiting any cybersecurity risks."
  • "Specifically, the survey found that nearly half of attorneys considered increasing net profits or attracting new clients as their number one concern, with increasing revenues coming in as the top concern, at about 21 percent."
  • "Just more than 8 percent of leading firm attorneys named reducing cybersecurity risk as of utmost importance, coming in just above concern for how to improve workflows, according to the report. Such a result may be surprising considering the role of Panamanian firm Mossack Fonseca in a massive document leak this past spring, which saw hundreds of thousands of shell companies aimed at avoiding taxes, their owners and their BigLaw counsel publically outed."

No comments:

Post a Comment