The WannaCry attack has company. Late last month, the DLA Piper attack reminded legal professionals that they’re all major ransomware targets. DLA Piper is a multinational law firm located all over the world, including North and South America, Asia, Europe, Africa, and the Middle East. So it’s not really a wonder why cyber criminals would see a bullseye on DLA’s back.
A recent study shows that mega-law firms, such as DLA Piper, are in more trouble than ever. The report states that hacking attempts were made on 200+ law firms throughout the United States since the start of 2016. If that number doesn’t scare legal professionals, this one should. 40% of the firms cyber-attacked, didn’t even know they had been breached.
The report also discovered that the cyber-threats facing law firms didn’t vary much at all. However, these attacks came at a rapid rate. About 10,000 network intrusion attempts occurred daily, as well as about 1,000 invalid login attempts in a 24 hour cycle. 59% of all emails were classified as phishing/spam emails, which means being extra careful and sure you don’t open any attachments from unknown addresses.
Phishing has been old news for years now, playing a significant role in spreading the WannaCry attacks that impacted organizations across the world in May. While it was always suspected that law firms weren’t immune to these horrors, we now know for sure. If firms haven’t already done so, it’s time to increase their counter-phishing training for all their employees. Having your team perform multiple practice drills is a good start.
Law firms must recognize the risk in not having state-of-the-art cyber protection. Without an incident response plan, attorneys will be at the mercy of the hackers. A plan has to be more specific and sophisticated than regular office crisis management policies. You must clearly lay out what the roles are for everyone in the office, and what has to be done immediately when a breach happens. An excellent response plan is not complete without having a good team and data backup system behind it.