Talking about data security challenges, 2016 was a rough year, especially for the legal sector. There were several high-profile breaches, some of which will be talked about for years to come. Among the worst were the following:
- Mossack Fonseca: 11.5 million documents known as the Panama Papers dating as far back as 1970 were leaked, in what some are calling the largest data breach ever by volume.
- Cravath and Weil Gotshal: Both law firms – which represent Fortune 500 companies – were broken into, possibly as an attempt to steal information about Wall Street clients for the purposes of insider trading.
- Ransomware hits over a dozen firms: In Europe, multiple law firms were hit with ransomware within a period of only a few weeks.
As a whole, the sector has been more heavily targeted in recent years. According to an American Bar Association survey conducted in late 2015, a quarter of all law firms with 100 or more attorneys have been breached. The reason hackers would want to to target law firms is the same as why they’d target any other industry: to steal data that could be of value to someone, or to hold that critical data hostage by encrypting it.
The most important question now is: What what can law firms do to address their unique data security challenges?
Blocking Unauthorized Executables
Many law firms still use email as their standard method for communication and document sharing. Despite the widespread use of web gates and active anti-virus protection to prevent the execution of malware, email phishing scams continue to become more sophisticated and more effective at getting users to click on malicious links and file attachments.
Ransomware, keyloggers, backdoor Trojans and countless other forms of malware use email phishing scams as a primary means of dissemination. The high value of data used in the legal sector makes the space an ideal target for these and other cyberthreats. And while there is no such thing as a silver-bullet cybersecurity solution, deploying anti-executable software that can whitelist allowable programs will significantly abate the risk of accidentally launching a malicious application, and preventing shadow IT (the use of unauthorized applications for work functions).
Enhancing Incident Response
Perhaps the most troubling aspect of cybersecurity in the legal sector is that half of all attorneys surveyed by the ABA said that their organization does not have a response plan in place to an intrusion or data breach. In many cases, the actions that are taken moments after initial detection of a breach or malware intrusion will determine whether an organization will face substantial losses.
Furthermore, data breaches that aim to siphon information will often entail the use of various strains of malware intended to mask malicious behavior within the network by altering the very data logs that are typically analyzed to detect such malfeasance. To help prevent these issues, law firms need to ensure they can respond to malware intrusions within minutes, if not seconds. Moreover, they need to sanitize their work computers and servers on a regular basis to clear away surreptitious threats that may be masking nefarious user activity, logging keystrokes or performing any number of other tasks.
To learn more about how our ‘Reboot to Restore’ and ‘Application Control’ solutions can help in such situations, contact Faronics today.