• Mail
SUBMIT A CASEABOUT
Law and Forensics
  • Capabilities
    • eDiscovery
      • Document Review and Production
      • eDiscovery Consulting and Strategy
      • ESI Preservation and Collection
      • ESI Processing and Hosting
      • Expert Testimony and Reporting
    • Cybersecurity
      • Cybersecurity Assessments
      • Board-Level Cybersecurity Services
      • Cybersecurity Consulting
      • Industry-Specific Cybersecurity Solutions
      • Cybersecurity Expert Witness Services
      • Cybersecurity Incident Response Services 
    • Forensic
      • Forensic Consulting
      • Forensic Expert Witness
      • Forensic Investigations
      • Forensic Analysis
      • Computer Forensics Services
      • Cloud Computing Forensics
      • Internet of Things Forensics
      • Mobile Device Forensics
      • Server Forensics
      • Social Media Forensics
    • Digital Banking
      • Blockchain Services
      • CSO and CRO Advisory Service
      • Digital Banking Expert Witness Services
      • Digital Banking Regulatory Compliance Services
      • Digital Banking Strategy Consulting Services
      • Digital Banking Training Services
    • Privacy
      • Privacy Consulting
      • Privacy-Focused Regulatory Services
      • Privacy Incident Response Planning
      • Privacy Program Development
  • Products
  • Insights
  • Search
  • Menu Menu
  • A New Focus on Law Firm Cybersecurity

    INSIGHTS

Legal Executive Institute

A New Focus on Law Firm Cybersecurity

January 11, 2017

By Daniel B. Garrie

A New Focus on Law Firm Cybersecurity

Law firms have long held a hallowed position in the corporate world, as the preeminent keeper of confidences. But the frequency with which law firms are falling victim to data breaches and hacks should leave clients questioning their firm’s data security. Due to their trusted position in the business world, law firms have become a prime target for cyber criminals, and without adequate data security confidential client information can fall into the hands of a wide variety of bad actors.

Consider the following hypothetical about a top global firm. It has attorneys working with companies and individuals in virtually every industry in the world. These attorneys are privy to a wide variety of highly sensitive and confidential financial information — information that would be of great value to cyber-criminals. A senior mergers and acquisitions partner chose to use his smartphone for both work and personal use. As a senior partner, no one was willing to require the need to segregate data and users. The senior partner regularly let his son use the smartphone to surf the Internet and download games. One day, the son downloads a game which has malware code attached to it. The malware infiltrated the firm’s email server. This silent intrusion allowed a cyber-criminal to monitor all emails in the senior partner’s practice group. The cyber-criminal was able to access confidential financial information, which allowed him to engage in insider trading, making millions of dollars off of the information, and causing serious harm to the firm’s client by driving up the price of the stock.

While the above hypothetical may seem like a doomsday scenario, it can happen, as revealed in a recent indictment in the Southern District of New York. The indictment alleged that three criminals gained access to a top law firm’s email server through undisclosed means. On multiple occasions, these criminals were able to gain confidential inside information about pending M&A deals. The criminals were then able to trade on that information, making more than $4 million before being caught. The criminals were charged with insider trading, wire fraud, and violations of the Computer Fraud and Abuse Act. While the facts are little known for how the criminals in the above case broke into the firm’s mail servers, it’s likely that the criminals exploited a lawyer with access to the email server — a much easier pathway — rather than attacking the system directly.

To read the full article, go to Legal Executive Institute

Newsletter

Sign Up for Updates!

Jobs

Apply for a Job

Products

Assessments
Playbooks
Tabletop.ai
Legal Cyber Academy
ForensicTools.dev



Contact Us

Sales Inquiry
​Press Inquiry
​Speaking Inquiry

Capabilities

Digital Banking Services
Forensic Services
Cybersecurity Services
eDiscovery Services
Privacy Services

RESOURCES

About Us
Events
Search

Law & Forensics © 2023. All Rights Reserved
  • Privacy Policy
  • Legal Notices
Scroll to top

This site uses cookies. By continuing to browse the site, you are agreeing to our use of cookies.

OKLearn more×

Cookie and Privacy Settings



How we use cookies

We may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.

Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.

Essential Website Cookies

These cookies are strictly necessary to provide you with services available through our website and to use some of its features.

Because these cookies are strictly necessary to deliver the website, refusing them will have impact how our site functions. You always can block or delete cookies by changing your browser settings and force blocking all cookies on this website. But this will always prompt you to accept/refuse cookies when revisiting our site.

We fully respect if you want to refuse cookies but to avoid asking you again and again kindly allow us to store a cookie for that. You are free to opt out any time or opt in for other cookies to get a better experience. If you refuse cookies we will remove all set cookies in our domain.

We provide you with a list of stored cookies on your computer in our domain so you can check what we stored. Due to security reasons we are not able to show or modify cookies from other domains. You can check these in your browser security settings.

Google Analytics Cookies

These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.

If you do not want that we track your visit to our site you can disable tracking in your browser here:

Other external services

We also use different external services like Google Webfonts, Google Maps, and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.

Google Webfont Settings:

Google Map Settings:

Google reCaptcha Settings:

Vimeo and Youtube video embeds:

Other cookies

The following cookies are also needed - You can choose if you want to allow them:

Privacy Policy

You can read about our cookies and privacy settings in detail on our Privacy Policy Page.

Privacy Policy
Accept settingsHide notification only

Subscribe to Our Newsletter!

* indicates required

 





Please select all the ways you would like to hear from Law and Forensics:

You can unsubscribe at any time by clicking the link in the footer of our emails. For information about our privacy practices, please visit our website.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp’s privacy practices here.