Will Bartlett*

Cyber attacks on law firms continue to be a major threat, one of the latest techniques being the so-called ‘spear phishing’ approach, where hackers contact a target while impersonating a trusted client or individual. But it is a human shield defense, rather than technology alone, that provides law firms with the greatest protection against phishing.
The hacker gleans confidential information or infects the target’s system with a Trojan file that can contaminate an entire network.
The hackers can hold data to ransom, often demanding payment in cryptocurrency, or they can fraudulently divert funds from business or property settlements to another account.
Researchers at Verizon found in their 2017 Data Breach Investigations Report that 66% of all malware attacks analyzed for that period were installed via email.
Verizon also found that 23% of those who received phishing emails opened them.
That is a highly dangerous – even disturbing – ‘open rate’ for the scammers.
And it demonstrates the success of spear-phishing for hackers.
Trojan emails are hard to detect, although firms can take steps to improve their defenses against them.
It is very easy for any staff member to open a Trojan email, particularly in a busy workplace and when a familiar file name or client name appears in the sender address or subject line of the email.
Firms attacked in multiple jurisdictions have had client data compromised or, as in the 2017 breach of DLA Piper’s computer system, had their entire system shut down across the world within 20 minutes of discovery of the Ukraine-based hacking.
The DLA Piper disaster cost the firm millions and tarnished its reputation for security, just as other firms have also lost money and incurred other damage through spear-phishing hacks.
It is that sort of disaster that firms need to guard against.
Spot the Trojan
When staff are busy, simple mistakes are easy to make. But when dealing with important matters it is vital that lawyers are vigilant about email addresses.
Often the scammers will provide what appears to be bank or tax information. Others send CV- or resume-style attachments, ask for a form to be completed, or purport to be an email from a major corporation. We have reported previously in LawFuel about ransomware and other attacks.
Often the email address differs from the genuine one by a single character, or the hackers infiltrate a server and monitor electronic conversations, effectively taking over the account of the trusted email party and sending emails directly from the genuine account.
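As an added illustration that is not part of the original article, the following Python script shows one way a firm’s mail filter or an intake triage tool could flag the two patterns described above: a sender domain that differs from a verified client domain by a single character (including digit-for-letter swaps), and a known contact’s display name arriving from an unrelated domain. The trusted domains, contact list and sample From: headers are all constructed for the example.

```python
from email.utils import parseaddr

# Constructed list of client/counterparty domains the firm has verified out of band.
TRUSTED_DOMAINS = {"smithlegal.example", "harbourbank.example", "clientcorp.example"}

# Constructed mapping of known contact display names to the domain they really use.
KNOWN_CONTACTS = {"jane smith": "smithlegal.example"}

# Constructed sample "From:" header values, one per message in the demo.
SAMPLE_FROM_HEADERS = [
    "Jane Smith <jane@smithlegal.example>",                           # genuine
    "Jane Smith <jane@smithlega1.example>",                           # '1' swapped for 'l'
    "Harbour Bank Settlements <settlements@harbourbank.example>",     # genuine
    "Harbour Bank Settlements <settlements@harbour-bank.example>",    # extra hyphen
    "Jane Smith <jane.smith@freemail.example>",                       # known name, wrong domain
    "Newsletter <news@unrelatedvendor.example>",                      # simply unknown
]


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: number of single-character edits turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # deletion
                           cur[j - 1] + 1,         # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def normalise(domain: str) -> str:
    """Fold common lookalike characters onto the letters they imitate."""
    table = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})
    return domain.lower().translate(table).replace("rn", "m")


def sender_parts(header: str):
    """Return (display_name, domain) from a From: header, or (name, None) if unparseable."""
    name, addr = parseaddr(header)
    if "@" not in addr:
        return name.strip().lower(), None
    return name.strip().lower(), addr.rsplit("@", 1)[1].lower()


def classify_sender(header: str, trusted=TRUSTED_DOMAINS, contacts=KNOWN_CONTACTS) -> str:
    """Label a sender as 'trusted', 'lookalike', 'name-mismatch' or 'unknown'.

    Priority: an exact trusted domain wins; then a near-miss of a trusted domain;
    then a known contact name on a domain that is not that contact's real one.
    """
    name, domain = sender_parts(header)
    if domain is None:
        return "unknown"
    if domain in trusted:
        return "trusted"
    for t in trusted:
        if edit_distance(domain, t) <= 1 or normalise(domain) == normalise(t):
            return "lookalike"
    if name in contacts and contacts[name] != domain:
        return "name-mismatch"
    return "unknown"


def triage(headers=SAMPLE_FROM_HEADERS):
    """Classify every header and return a list of (header, label) pairs."""
    return [(h, classify_sender(h)) for h in headers]


if __name__ == "__main__":
    for header, label in triage():
        print(f"{label:14s} {header}")
```

A ‘lookalike’ or ‘name-mismatch’ result is a cue to stop and verify, not proof of fraud, and a ‘trusted’ result does not remove the need for verbal confirmation of payment instructions, because the article’s second scenario (a compromised genuine account) produces mail from exactly the right address.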
Where funds are being transferred to international accounts, money transfer instructions should be verbally confirmed using known phone numbers and contacts.
It is therefore not necessarily the technology that protects the account, but rather the correct practices and protocols being put in place.
Ensuring that staff are properly aware of the risks, and educating them as to what is happening and what they need to be alert to, is another key requirement.
Similarly, phony or fraudulently developed websites that install malware are another major concern; they can contaminate servers and be used for phishing or other illicit purposes.
Most importantly, having the correct policies in place to defend against cyber attack and server contamination is a ‘human shield’ priority, where surveillance and security sit at the very top of the firm’s management list.
*Will Bartlett writes on legal security and communications issues.