It’s not only the government that’s at risk for cyber attacks from foreign nation-states — almost anyone with a large amount of valuable data can be a target. In the United States, foreign hackers often target law firms in particular. According to Priscilla Moriuchi, director of strategic threat management at Recorded Future, “[Law firms] are such a great target because they have access to a good deal of non-public information.”
Breach Attempts to Date
A high-profile example of a law firm breach is DLA Piper, an international law firm that was brought down in a matter of minutes in an overnight breach, according to Bigger Law Firm. Due to an administrative professional within the company clicking on a seemingly innocent “update” link, the company lost all of its data, a week of work and its reputation. Examples such as this show how much law firms have to lose to breach attempts.
Law Firms May Not Be The End Goal
However, the true victims may not be the law firms at all. According to The Recorder, a recent incursion reportedly performed by China-based hacking group APT10 targeted a law firm in the U.S. that is known for its expertise in intellectual property. This law firm has clients from a myriad of industries, including technology, pharmaceutical and biomedical companies, and was targeted for almost a full year by the hackers. According to Bigger Law Firm, high-profile clients can further elevate a law firm’s threat level.
“Companies may be the ultimate target, and law firms are just a way to get the data,” said Muichi.
Since many large law firms hold sensitive client company information, the firm may act as a “middle-man” to the real target. Clients that specialize in aerospace or technology are often very valuable for countries like China and Russia that may be trying to get a competitive edge against companies in the United States.
Law Firm Cybersecurity
It is surprising to see law firms pay so little attention to their cybersecurity plans, especially when you consider that survey results have revealed that 69 percent of people polled believed their law firms’ cybersecurity plans were out of date and vulnerable, according to Bigger Law Firm. To avoid a breach, you have to be proactive, which means amping up your cybersecurity plan to keep up with the ever-evolving techniques that hackers are using.
MDL Technology offers dedicated monitoring 24/7 in an outsourced data center that provides best-in-class technology, protection and affordability. Learn more on our website.
