Hackers are increasingly going after law firms, following ‘the big money’. The US Securities and Exchange commission have reported that just 7 firms in America were hit with over 100,000 attacks over a three-month period last year, resulting in two organisations being compromised and over 60 gigabytes of data being stolen. In the UK it is reported that 80% of the biggest law firms in the country have been hacked since 2011.
The biggest rise of cyber crime within this industry has been via bogus emails. Examples of such emails purport to come from a managing partner to a more junior lawyer, directing them to make payments or to send certain information to a forwarding email address. They often look like a regular message and are causing high levels of concern for multiple law practices. Some firms have also reported breaches of their video-conferencing systems, reports have shown cyber-criminals have managed to hack their way in and listen on meetings, proving a growing concern across the sector.
Accounting firms that provide tax advice on mergers, advisory firms and consultants who engage with these businesses are reportedly most at risk and are on criminals ‘hit list’. As we have seen over the past few years’ retailers, telecom groups and internet providers such as Tesco, Talk Talk, The Post Office and Yahoo have already had to pay the price for weak cyber defences.
However, these security breaches are ‘lucky’ in comparison, many of the hacks of retail and telecom providers have seen stolen passwords and account details, they rarely included immediately useable information. Experts have said that ‘Professional services won’t be so lucky due to the nature of the data that they hold. Their customers expect professionalism and confidentiality.’