Law Firms and Legal Departments Get Singled Out For Cyberattacks

Cyberattackers are doubling down on their attacks against law firms and corporate legal departments, moving beyond their historical activity of hacking and leaking secrets to targeting the sector with financial attacks, such as ransomware and business email compromise. On Nov. 24, managed service provider CTS, which provides IT services to law firms, acknowledged that the firm had suffered a breach, but did not give details about the source of the attack. The incident has reportedly affected services to dozens of law firms, particularly in the real estate sector. The attack follows claims by the LockBit group that it compromised London-based law firm Allen & Overy, listing the firm among the victims on its data-leak site and demanding a ransom. The firm confirmed a breach, but did not acknowledge the ransomware attack. The attacks are only the latest to target law firms and legal departments. At least one attack group has targeted law firms specifically, seeding compromised sites with legal jargon to make the sites rise in search rankings and then deliver a ransomware attack chain to visitors, says Keegan Keplinger, a senior security researcher with managed detection and response firm eSentire. "When hasn't been a legal organization, it's often been the legal department or a legal user - a paralegal or the legal consultant - in an organization," he says. "We saw a hospital get hit once, but it was the legal user in that hospital that downloaded." GootLoader, which leads to Blackcat ransomware, has focused heavily on law firms. Hackers have long favored law firms as a way to steal secrets, absconding with Uber drivers' personal information from law firm Genova Burns LLC in January; hijacking data on the contracts and personal emails from 200 high-profile celebrities - including Lady Gaga, Madonna, and Rod Stewart - from New York law firm Grubman Shire Meiselas & Sacks in 2020; and allegedly leaking the "Panama Papers" - 11.5 million documents on wealthy tax evaders - from Panama-based law firm Mossack Fonseca. Traditionally, the attraction for online attackers has not been money, says Ilia Kolochenko, chief architect at application security firm ImmuniWeb. "Law firms are pretty far from being attractive victims for cybercriminals," he says. "However, their clients - namely, secrets of their clients - make law firms a magnet for all kind of cybercriminals." Clickbait Turns to SEO Poisoning That has changed, as cybercriminals increasingly focus on law firms as a way to cash in with ransomware and BEC attacks. More than a quarter of law firms suffered a security breach in 2022, up from 25% in 2021, according to the American Bar Association's annual cybersecurity report, which stresses that a security breach is not as severe a classification as a data breach. The legal sector is the fourth most targeted sector by cybercriminals - behind services, manufacturing, and financial firms, according to eSentire's data. The most significant threat to law firms may be GootLoader, a browser-based threat that is delivered through search engine optimization poisoning. The group behind GootLoader has seeded malicious content and malvertising linked to 3.5 million search terms, a high percentage of which are legal terms. As a result, a lawyer or paralegal who searches for specific content may find the top search result leading to a GootLoader-infected file. "They're just mining the entire Web with these search keywords and just waiting for somebody in the legal profession, or somebody who needs this legal document, to just stumble on it and open it up, say, 'What's this? Oh, I will click on this JavaScript. No problem.'". A number of threat groups are also targeting law firms with BEC scams. Law firms are the perfect victims for such schemes, says Dan Caplin, director of cybersecurity and incident response at S-RM, a cybersecurity consultancy. "Firstly, they do a lot of business over and in emails, and secondly, law firms often occupy a privileged position in situations where payment instructions and details are exchanged - this, again, is mostly done over email," he says. Will Get Worse Before It Gets Better Because law firms tend to be smaller, often just one or two people, cybersecurity knowledge is often lacking, says ImmuniWeb's Kolochenko. "Solo practitioners and small law firms are usually poorly protected, having very modest budgets for cybersecurity," he says. "Large law firms increasingly spend more on cybersecurity and cyber defense, have similar problems as all other industries including shadow IT, working from home, [and] underprotected third parties." Law firms are often tasked as the custodian of extremely sensitive information, making any breach a problem and making the firm more likely to pay a ransom. "For a variety of reasons, law firms are behind the curve a little bit on security," he says. "With ransomware - especially the double whammy - legal firms are an obvious organization that would be vulnerable to that - especially, that would care about publishing their data."

This Cyber News was published on www.darkreading.com. Publication date: Thu, 30 Nov 2023 22:25:17 +0000


Cyber News related to Law Firms and Legal Departments Get Singled Out For Cyberattacks

Law Firms and Legal Departments Get Singled Out For Cyberattacks - Cyberattackers are doubling down on their attacks against law firms and corporate legal departments, moving beyond their historical activity of hacking and leaking secrets to targeting the sector with financial attacks, such as ransomware and ...
11 months ago Darkreading.com
How Cybersecurity for Law Firms has Changed - The public nature of the legal system makes law firms particularly vulnerable to a growing number of cybersecurity risks. Law firms have unique access to highly confidential client information and as a result, face a growing number of federal, ...
10 months ago Securityboulevard.com
Law Firms are Raising the Bar on Cybersecurity - Corresponding with recent increases in threat actor activity in the legal industry, law firms are investing more time and attention in modernizing security operations. Both midsize and large law firms are increasingly engaging with cybersecurity ...
1 year ago Bluevoyant.com
Legal and Compliance Considerations in Cloud Computing - This paradigm change has faced challenges, primarily legal and compliance issues. This can present severe legal issues, particularly regarding data ownership. According to S. Krishnan, the transforming nature of computing has created legal ...
9 months ago Feeds.dzone.com
A Comprehensive Look at the Financial Firms in European Union and Their Rules on Cloud-Based Services - Today's technology has opened up a world of possibilities for financial firms, especially with cloud-based services. Financial institutions are now able to access a great deal of information over the internet in an efficient and timely manner. ...
1 year ago Tripwire.com
Victory! Grand Jury Finds Sacramento Cops Illegally Shared Driver Data - For the past year, EFF has been sounding the alarm about police in California illegally sharing drivers' location data with anti-abortion states, putting abortion seekers and providers at risk of prosecution. We thus applaud the Sacramento County ...
4 months ago Eff.org
Dozens of Rogue California Police Agencies Still Sharing Driver Locations with Anti-Abortion States - SAN FRANCISCO-California Attorney General Rob Bonta should crack down on police agencies that still violate Californians' privacy by sharing automated license plate reader information with out-of-state government agencies, putting abortion seekers ...
9 months ago Eff.org
Cybersecurity and the Law: Taking Proactive Steps Before Needing Legal Action - How the justice system deals with cybercrime is still relatively new and finding its footing. How cybercriminals are leveraging the legal system is relatively new, too. Imagine a world where your organization gets hacked, and then, to add insult to ...
8 months ago Securityboulevard.com
The law enforcement operations targeting cybercrime in 2023 - In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks. While some of these operations were more successful ...
10 months ago Bleepingcomputer.com
States Attack Young People's Constitutional Right to Use Social Media: 2023 Year in Review - Legislatures in more than half of the country targeted young people's use of social media this year, with many of the proposals blocking adults' ability to access the same sites. Courts blocked several of these laws for violating the First ...
10 months ago Eff.org
European firms urge China to give more clarity on data transfer laws - AP Moeller - Maersk A/S Siemens AG BEIJING, Nov 15 - European firms "Urgently" need China to give clearer definitions of key terms in its cross-border data transfer rules, a European business lobby group said on Wednesday, warning firms also stood to ...
11 months ago Reuters.com
If you prepare, a data security incident will not cause an existential crisis - This happens when there's a lack of preparation, but we can all choose to take actionable steps to turn down the temperature during incident response and help others and ourselves re-frame the issue. Those who have built trusted internal and external ...
9 months ago Helpnetsecurity.com
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
11 months ago Darkreading.com
Human Error and Insiders Expose Millions in UK Law Firm Data Breaches - UK law firms are falling victim to data breaches primarily because of insiders and human error, according to an analysis of data from the the Information Commissioner's Office. NetDocuments examined data from the ICO covering Q3 2022 to Q2 2023 and ...
9 months ago Infosecurity-magazine.com
Telegram revealed it shared U.S. user data with law enforcement - Independent website 404 Media first revealed that in 2024 Telegram has fulfilled more than a dozen law enforcement data requests from the U.S. authorities. At the end of September, Telegram updated its privacy policy informing users that it will ...
1 month ago Securityaffairs.com
Recent Legal Developments That Favors Security Researcher But Challenges Remain;; - The world has seen several advancements in cyber security law across countries in recent times that indicates the importance of protecting rights of individuals who work to improve security in computer systems, networks, and software. Recently, ...
1 year ago Csoonline.com
Understanding Each Link of the Cyberattack Impact Chain - It's often difficult to fully appreciate the impact of a successful cyberattack. Other consequences aren't so obvious - from a loss of customer trust and potential business to stolen data that may surface as part of another cyberattack years later. ...
11 months ago Securityboulevard.com
It's Copyright Week 2024: Join Us in the Fight for Better Copyright Law and Policy - We're taking part in Copyright Week, a series of actions and discussions supporting key principles that should guide copyright policy. Every day this week, various groups are taking on different elements of copyright law and policy, addressing what's ...
9 months ago Eff.org
Legal, compliance and privacy leaders anxious about rapid GenAI adoption - Rapid GenAI adoption is the top-ranked issue for the next two years for legal, compliance and privacy leaders, according to Gartner. 70% of respondents reported rapid GenAI adoption as a top concern for them. Gartner experts have identified four key ...
10 months ago Helpnetsecurity.com
EFF Asks Court to Uphold Federal Law That Protects Online Video Viewers' Privacy and Free Expression - As millions of internet users watch videos online for news and entertainment, it is essential to uphold a federal privacy law that protects against the disclosure of everyone's viewing history, EFF argued in court last month. For decades, the Video ...
10 months ago Eff.org
Financial Fraud APK Campaign - During our research discovering threats in legitimate network traffic, activity generated by a certain type of Android Package Kit files kept hitting our radar. Our research revealed a family of malicious APKs targeting Chinese users that steals ...
9 months ago Unit42.paloaltonetworks.com
Twitter/X Content Moderation Law In California - Elon Musk's X loses bid to block California law that requires social media to publicly disclose their content moderation practices. The legal attempt by Elon Musk's X to undo a California state law on content moderation, has failed. Reuters reported ...
10 months ago Silicon.co.uk
Cyber-Attack Disrupts UK Property Deals - House sales and purchases across the UK have been disrupted by a cyber-attack affecting multiple conveyancing firms. CTS, a legal sector specialist infrastructure service provider, confirmed in a statement that it has experienced a service outage ...
11 months ago Infosecurity-magazine.com
Making the Law Accessible in Europe and the USA - Earlier this month, the European Union Court of Justice ruled that harmonized standards are a part of EU law, and thus must be accessible to EU citizens and residents free of charge. While it might seem like common sense that the laws that govern us ...
7 months ago Eff.org
Navigating the New Age of Cybersecurity Enforcement - Many equate this move as akin to a bomb going off for people working in the CISO role. CISOs are now faced with unprecedented potential liability risks, prompting the need for a proactive approach to legal exposure for security executives. To shed ...
10 months ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)