Law Firms & Legal Departments Singled Out for Cyberattacks
Friday, December 1, 2023
Cybercriminals use legal search terms to ensnare unwitting victims, then launch ransomware or business email compromise attacks.
Traditionally, the attraction for online attackers has not been money, says Ilia Kolochenko, chief architect at application security firm ImmuniWeb.
"Law firms are pretty far from being attractive victims for cybercriminals," he says. "However, their clients — namely, secrets of their clients — make law firms a magnet for all kind of cybercriminals."
Will Get Worse Before It Gets Better
Because law firms tend to be smaller, often just one or two people, cybersecurity knowledge is often lacking, says ImmuniWeb's Kolochenko.
"Solo practitioners and small law firms are usually poorly protected, having very modest budgets for cybersecurity," he says. "Large law firms, however, increasingly spend more on cybersecurity and cyber defense, [but most firms] have similar problems as all other industries including shadow IT, working from home, [and] underprotected third parties." Read Full Article
American Lawyer: In What Could Be a Trend, Ransomware Operation Files SEC Complaint Against Victim for Failing to Timely Disclose Cyberattack
CPO Magazine: Denmark Weathered Wave of Cyber Attacks on Energy Infrastructure in May, Industry Non-profit Reveals