“Most major U.S. law firms have been victims of security breaches, and the unwelcome threats likely operated covertly for up to nine months before they were discovered,” says the American Bar Association Journal. Sounds scary, doesn’t it?
Let’s take a look at some of those breaches, and what happened:
1. Alabama Law Firm McCutcheon & Hamner Accused of Being Racist After YouTube Channel Hack:
This is one of the stranger cyber-crimes out there, but it does show you what kind of damage can be done. Basically, someone hacked their YouTube channel and posted a video the firm did not approve. One of the characters was portrayed in a stereotypical and racist light.
Unfortunately, even though the firm did not approve of the video, they still are associated with it and their reputation will take a bit of a hit.
2. Matt Kesner, Law Firm Security Thought Leader Gets Successfully Hacked Not Once, But Twice:
Kesner is the CIO of Fenwick and West LLP, and has even lectured about cyber security at ABA TECHSHOW. If you Google anything about cyber security and hacking in the legal industry, you’ll see his name all over the place. And yet, he’s been hacked twice. He also has an interesting thought: most breaches are never heard of because law firms prefer to keep them quiet.
3. British Columbia Law Firm Faces Extortion Threats from a Hacker:
The Law Society of British Columbia had some files stolen by a hacker. He then encrypted those files, and demanded payment in exchange for giving access back.
He used the powerful Cryptowall Virus and gave the firm 12 hours to pay the fee to have the encryption removed. If the firm was unable to pay the fee within that time, he would double it. If payment was not received within 30 days, he would permanently break the files.
Fortunately, this firm had backups available, so they got up and running quickly. However, many law firms are not adequately protected against hacking, so this firm may be the exception rather than the rule.
And for the record, hackers like this demand payment in the virtual currency called “Bitcoin.” If they receive payments this way, they’re untraceable.
Hackers See Law Firms as Easy Targets…
And that’s because, in general, law firms have access to corporate data, but don’t have the same levels of data security in place.
Do you really want to be the law firm that gets blamed for corporate clients, or maybe American citizens, losing their data?
These data breaches illustrate why managed IT services for law firms and law firm IT support teams are not an option in 2015 and beyond. Data protection and data backup must become a priority.