Malicious actors are consistently and persistently looking for new avenues to compromise sensitive data, and they have found one such entry point in legal firms.
Legal firms play a unique role in the economy by sitting at the center of personal and business transactions. They work with large enterprises, governments, small businesses and individuals, and the data they hold is both sensitive and valuable. Attackers have taken notice: legal firms are under a barrage of attacks because of the data and the relationships they maintain. Many of these firms are focusing on user endpoints when it comes to reducing that risk.
Law Firms Are the Easier Target
Law firms are the linchpin of many of the largest deals in the world (e.g., mergers and acquisitions). Yet, because law firms are not subject to the kind of security regulation that banks and other financial institutions face, some lack the cybersecurity resources and attention needed to address the threats they face. This gives attackers an opportunity: by going after the law firm, they can reach the same sensitive deal data while encountering weaker security controls than they would at the other parties to the transaction. An attacker who knows that a law firm and a financial institution are working with the same data will gladly attack the law firm, since it presents the lower barrier to entry.
The desire and opportunity to compromise law firms opens the floodgates for attackers to build dedicated malware that compromises firms and steals data for financial gain. It also makes law firms a very attractive target for ransomware campaigns. Client data is the lifeblood and the reputation of a law firm, and if it is compromised in any way it leaves the door open for the firm's own clients to sue it over lax data security practices. As ironic as it sounds, law firms do not want to be involved in lawsuits in which they are the defendant. We have seen exactly this kind of complaint filed against law firms by clients who felt the firm put their case at risk through a security breach.
Law professionals live in email, documents and high-pressure situations, so it is no surprise that attackers use these three areas to their advantage. The number one attack on firms today is phishing with some type of weaponized document. Humans are social creatures, and when a phishing message is crafted with familiarity and sent at the right moment, people will keep falling for it. This is especially true in the legal industry, where associate lawyers act with speed and deference when handling a request they believe originated from a managing partner. Attackers prey on this behavioral aspect of the law office hierarchy to get their malware into the firm and gain a foothold in its environment.
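The attack pattern above (a message that looks like it comes from a managing partner, carries a weaponized document, and pushes the associate to act quickly) can be turned into a simple mail-flow check. The following is an added example, not code from the original post or from Minerva Labs or CCSI. It assumes a hypothetical firm domain `example-law.com`, a roster of partner names, and a list of attachment extensions treated as risky; the two sample messages are constructed inline so it runs offline.

```python
"""Heuristic check for partner-impersonation phishing against a law firm.

Added example; not the original post's code. Assumptions (all hypothetical):
the firm's mail domain, the roster of managing partners, and the list of
attachment extensions regarded as risky. Sample messages are constructed here.
"""
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr
from typing import Dict, List

FIRM_DOMAIN = "example-law.com"            # assumption: the firm's own domain
PARTNERS = {"jane doe", "richard roe"}     # assumption: managing partner roster

# Assumption: extensions that commonly carry a weaponized document or script.
RISKY_EXT = (".doc", ".docm", ".xls", ".xlsm", ".pptm", ".rtf",
             ".js", ".vbs", ".hta", ".iso", ".zip")
URGENCY_WORDS = ("urgent", "asap", "immediately", "today")


def _domain(addr: str) -> str:
    """Return the lower-cased domain part of an address, or '' if none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def score_message(raw: str) -> Dict[str, object]:
    """Parse one RFC 5322 message and return the reasons it looks suspicious.

    A message is flagged when at least two independent signals fire, which
    keeps a single urgent subject line or a lone .zip from tripping it.
    """
    msg: EmailMessage = email.message_from_string(raw, policy=policy.default)
    display, from_addr = parseaddr(msg.get("From", ""))
    from_domain = _domain(from_addr)
    reasons: List[str] = []

    # 1. Display name of a known partner, but the address is outside the firm.
    if display.strip().lower() in PARTNERS and from_domain != FIRM_DOMAIN:
        reasons.append("partner display name from external domain")

    # 2. Reply-To steers responses somewhere other than the From domain.
    reply_to = parseaddr(msg.get("Reply-To", ""))[1]
    if reply_to and _domain(reply_to) != from_domain:
        reasons.append("Reply-To domain differs from From domain")

    # 3. Attachment of a type commonly used for weaponized documents.
    risky = [p.get_filename() or "" for p in msg.iter_attachments()
             if (p.get_filename() or "").lower().endswith(RISKY_EXT)]
    if risky:
        reasons.append("risky attachment: " + ", ".join(risky))

    # 4. Time pressure in the subject, the lever the hierarchy attack relies on.
    subject = (msg.get("Subject") or "").lower()
    if any(w in subject for w in URGENCY_WORDS):
        reasons.append("urgency cue in subject")

    return {"from": from_addr, "reasons": reasons, "flag": len(reasons) >= 2}


def build_sample(from_hdr: str, subject: str, attachment: str = "",
                 reply_to: str = "") -> str:
    """Construct a sample message (constructed test data, not a real capture)."""
    m = EmailMessage()
    m["From"] = from_hdr
    m["To"] = "associate@" + FIRM_DOMAIN
    m["Subject"] = subject
    if reply_to:
        m["Reply-To"] = reply_to
    m.set_content("Please review the attached engagement letter before the call.")
    if attachment:
        m.add_attachment(b"\x00", maintype="application",
                         subtype="octet-stream", filename=attachment)
    return m.as_string()


# Constructed samples: a genuine internal request and an impersonation attempt.
LEGIT = build_sample("Jane Doe <jane.doe@example-law.com>",
                     "Engagement letter for review", "engagement_letter.pdf")
PHISH = build_sample("Jane Doe <jane.doe.partner@gmail.com>",
                     "URGENT: sign the attached before 5pm",
                     "Engagement_Letter.docm", reply_to="jdoe@protonmail.com")

if __name__ == "__main__":
    for label, raw in (("legit", LEGIT), ("phish", PHISH)):
        print(label, score_message(raw))
```

The two-signal threshold is deliberate: a partner genuinely sending an urgent note from inside the firm fires at most one signal, while the impersonation case fires several. In production the partner roster and domain would come from the directory, and the check would sit at the gateway or in a mail-flow rule rather than in a script.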
This post was first published on Minerva-labs.com. Finish reading the article here: https://blog.minerva-labs.com/legally-dangerous-attackers
Author Bio: Matthew Pascucci is the Cybersecurity Practice Manager at CCSI, with over 16 years of experience in IT focusing on cybersecurity. He has previously worked in the manufacturing, financial, ecommerce, healthcare and service industries, developing security programs for his employers.
He joined CCSI to develop a cybersecurity practice that includes managed security services, penetration testing, and risk assessments for organizations of every size and vertical. He holds multiple information security certifications and has written and spoken about cybersecurity for the past decade. Matt is a privacy advocate and security blogger with hundreds of publicly published articles and presentations. He is the founder of www.frontlinesentinel.com and a board member of the local chapters of InfraGard and OWASP. Matthew can be contacted via his blog, on Twitter @matthewpascucci, or via email at firstname.lastname@example.org