• Mail
  • LinkedIn
  • Twitter
Hire Us
Law and Forensics
  • Home
  • Products
  • Services
    • Cybersecurity Services Group
      • Assessments
      • Automotive Industry
      • Board Consulting
      • Data Governance
      • Defense Industrial Base
      • Due Diligence
      • Financial Institutions
      • Incident Response
      • Pension and Plan Sponsors
      • Privacy
      • Tabletops
    • eDiscovery Services Group
      • Consulting
      • Data Preservation
      • Expert Witness
      • Training Practice
    • Forensic Services Group
      • Cloud Computing
      • Consulting
      • Expert Testimony
      • Internet of Things
      • Investigations
      • Mobile Device
      • Dispute Resolution Services
      • Social Media
      • Server Forensics
    • Digital Banking Services Group
      • Assessments
      • Blockchain
      • Cryptocurrency
      • CSO and CRO Advisory
      • Expert Witness
      • Regulatory Compliance
      • Strategy
      • Training
  • Insights
  • About Us
  • Search
  • Menu Menu
  • A New Focus on Law Firm Cybersecurity

    INSIGHTS

Legal Executive Institute

A New Focus on Law Firm Cybersecurity

January 11, 2017

By Daniel B. Garrie

A New Focus on Law Firm Cybersecurity

Law firms have long held a hallowed position in the corporate world, as the preeminent keeper of confidences. But the frequency with which law firms are falling victim to data breaches and hacks should leave clients questioning their firm’s data security. Due to their trusted position in the business world, law firms have become a prime target for cyber criminals, and without adequate data security confidential client information can fall into the hands of a wide variety of bad actors.

Consider the following hypothetical about a top global firm. It has attorneys working with companies and individuals in virtually every industry in the world. These attorneys are privy to a wide variety of highly sensitive and confidential financial information — information that would be of great value to cyber-criminals. A senior mergers and acquisitions partner chose to use his smartphone for both work and personal use. As a senior partner, no one was willing to require the need to segregate data and users. The senior partner regularly let his son use the smartphone to surf the Internet and download games. One day, the son downloads a game which has malware code attached to it. The malware infiltrated the firm’s email server. This silent intrusion allowed a cyber-criminal to monitor all emails in the senior partner’s practice group. The cyber-criminal was able to access confidential financial information, which allowed him to engage in insider trading, making millions of dollars off of the information, and causing serious harm to the firm’s client by driving up the price of the stock.

While the above hypothetical may seem like a doomsday scenario, it can happen, as revealed in a recent indictment in the Southern District of New York. The indictment alleged that three criminals gained access to a top law firm’s email server through undisclosed means. On multiple occasions, these criminals were able to gain confidential inside information about pending M&A deals. The criminals were then able to trade on that information, making more than $4 million before being caught. The criminals were charged with insider trading, wire fraud, and violations of the Computer Fraud and Abuse Act. While the facts are little known for how the criminals in the above case broke into the firm’s mail servers, it’s likely that the criminals exploited a lawyer with access to the email server — a much easier pathway — rather than attacking the system directly.

To read the full article, go to Legal Executive Institute

Newsletter

Contact Us

Contact Us
Sales Inquiry
​Press Inquiry
​Speaking Inquiry
Job Inquiry

CYBERSECURITY PRACTICE

Assessments
Automotive Industry
Board Consulting
Data Governance
Defense Industrial Base
Due Diligence
Financial Institutions
Incident Response
Pension and Plan Sponsors
Privacy
Tabletops

EDISCOVERY PRACTICE

Consulting
Data Preservation
Expert Witness

Training Practice

DIGITAL BANKING

Assessments
Blockchain

Cryptocurrency
CSO and CRO Advisory
Digital Banking Services
Expert Witness
Regulatory Compliance
Strategy
Training

FORENSICS PRACTICE

Cloud Computing
Consulting
Expert Testimony
Internet of Things
Investigations
Mobile Device
Dispute Resolution Services
Social Media
Server Forensics  

ARTICLES

Browse All L&F Articles
Journal of Law & Cyberwarfare
Books & Publications

WEBINARS

Browse All Webinars
Legal Cyber Academy

RESOURCES

About Us
Events
Search

Law & Forensics © 2021. All Rights Reserved
  • Privacy Policy
  • Legal Notices
Scroll to top

This site uses cookies. By continuing to browse the site, you are agreeing to our use of cookies.

OKLearn more×

Cookie and Privacy Settings



How we use cookies

We may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.

Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.

Essential Website Cookies

These cookies are strictly necessary to provide you with services available through our website and to use some of its features.

Because these cookies are strictly necessary to deliver the website, refusing them will have impact how our site functions. You always can block or delete cookies by changing your browser settings and force blocking all cookies on this website. But this will always prompt you to accept/refuse cookies when revisiting our site.

We fully respect if you want to refuse cookies but to avoid asking you again and again kindly allow us to store a cookie for that. You are free to opt out any time or opt in for other cookies to get a better experience. If you refuse cookies we will remove all set cookies in our domain.

We provide you with a list of stored cookies on your computer in our domain so you can check what we stored. Due to security reasons we are not able to show or modify cookies from other domains. You can check these in your browser security settings.

Google Analytics Cookies

These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.

If you do not want that we track your visit to our site you can disable tracking in your browser here:

Other external services

We also use different external services like Google Webfonts, Google Maps, and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.

Google Webfont Settings:

Google Map Settings:

Google reCaptcha Settings:

Vimeo and Youtube video embeds:

Other cookies

The following cookies are also needed - You can choose if you want to allow them:

Privacy Policy

You can read about our cookies and privacy settings in detail on our Privacy Policy Page.

Privacy Policy
Accept settingsHide notification only

Subscribe to Our Newsletter!

* indicates required







Please select all the ways you would like to hear from Law and Forensics:

You can unsubscribe at any time by clicking the link in the footer of our emails. For information about our privacy practices, please visit our website.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp’s privacy practices here.