Page 10 - Minnesota Vol 8 No 4
P. 10

Managing Cybersecurity Threats Faced
by Law FSirms BY DR. ANAND SINGH
ecurity breaches have become a routine occurrence, and law  rms are not immune to such attacks. Law  rms have be- come an attractive target because access to sensitive data is a business need for them, which in turn makes them more attractive to prospective attackers. Also, most law  rms don’t
have in-house cybersecurity sta  or third-party arrangements to ac- tively defend their enterprises, which limits their ability to respond to cyber events.
COMMON CYBER RISKS
Social engineering attacks, ransomware, and sensitive data leaks are the biggest cyber threats faced by law  rms.
Social engineering is a form of deception that attempts to manipu- late an individual into divulging con dential or personal information (e.g. passwords or sensitive documents) that can be used for fraudu- lent purposes. Phishing is the most common form of social engineer- ing attack. Phishing is the practice of sending emails supposedly from trusted individuals or companies in order to manipulate individuals into releasing personal information. For example, a phishing email may be intended to confuse individuals into paying a fraudulent in- voice or providing the login/password combination into a site de- signed to imitate a reputable site.
Ransomware is a malicious program that encrypts critical  les on a computer system until a sum of money is paid to the extortionist. Databases and  le systems are the most common target in law  rms because that is where the information to execute legal cases resides, thus increasing the motivation to pay the ransom.
Sometimes attacks can happen for reasons other than extortion. Nation-states may be interested in getting access to data so they can selectively leak to advance their interests. Or motivated hacktivists may perpetrate cyber attacks so they can leak sensitive information to further social or political ends. Mossack Fonseca, the Panamanian law  rm, is a great example of that. Leaks from that  rm generated the infamous “Panama Papers” scandal and exposed emails, contracts, banking statements, and sensitive client records totaling 11.5 million documents and 2.6 terabytes of data.
ATTORNEY AT LAW MAGAZINE · MINNESOTA· VOL. 8 NO. 4 10


































































































   8   9   10   11   12