Law Firms and Legal Departments Get Singled Out For Cyberattacks

November 30, 2023 at 05:27PM

Cyberattackers are increasingly targeting law firms and corporate legal departments with financially motivated attacks such as ransomware and business email compromise (BEC). Incidents like CTS’s breach, LockBit’s ransom demand to Allen & Overy, and the overall rise in security breaches highlight the threat. Law firms, which routinely handle sensitive information, are vulnerable because of limited cybersecurity measures and attractive to criminals because of the potential for high ransom payouts. GootLoader in particular has targeted the legal industry through SEO poisoning, with infections leading to BlackCat ransomware.

**Meeting Takeaways:**

1. **Increased Cyberthreats to Legal Sector:** Cyber attackers have escalated their activities against law firms and corporate legal departments. They’ve advanced from primarily hacking and leaking to also perpetrating financial cybercrimes like ransomware and business email compromise (BEC).

2. **Recent Security Breaches:**
– CTS, an IT service provider for law firms, confirmed a breach on Nov. 24, impacting numerous law firms, especially in real estate.
– Allen & Overy, a law firm in London, was listed on LockBit ransomware group’s data-leak site after a breach.

3. **Targeting Tactics:** Cybercriminals are targeting both individuals in legal departments (paralegals, legal consultants) and legal organizations. For instance, a hospital’s legal user was a victim of malware.

4. **Specific Threat Examples:**
– GootLoader infections progress to BlackCat ransomware, with a heavy focus on law firms.
– Law firms have historically been attractive targets due to the sensitive client information they handle. Examples include the Uber drivers’ personal data breach at Genova Burns LLC and the leak of high-profile celebrities’ data from Grubman Shire Meiselas & Sacks.

5. **SEO Poisoning with GootLoader:**
– Cybercriminals are using search engine optimization (SEO) poisoning to distribute GootLoader.
– GootLoader-infected files are linked to legal search terms and lead to BlackCat ransomware when opened.

6. **BEC Scams Targeting Law Firms:**
– Law firms are prime targets for BEC due to frequent email-based business transactions and handling of payment instructions/details.

7. **Sector Vulnerability and Response:**
– Smaller law firms and solo practitioners often lack adequate cybersecurity due to financial constraints.
– Larger law firms are increasing their cybersecurity budgets, but face the same challenges as other industries, including shadow IT and remote-work vulnerabilities.

8. **Prognosis for the Future:**
– The situation is expected to worsen before improvements are seen.
– Law firms, as custodians of sensitive information, are susceptible to ransomware and may be more inclined to pay ransoms.

9. **Cybersecurity Report Statistics:**
– According to the American Bar Association, 27% of law firms experienced a security breach in 2022, an increase from the previous year.
– The legal sector is the fourth most-targeted sector for cyberattacks, after services, manufacturing, and financial firms.

Law firms should prioritize enhancing their cybersecurity measures and awareness to counteract the increasing threat of ransomware, BEC scams, and other cyberattacks.

