The hacking of Panamanian law firm Mossack Fonseca last April resulted in 11.5 million leaked attorney-client privileged documents, exposing the widespread use of off-shore businesses by wealthy individuals and corporations around the world and highlighting the imperative need for proactive measures against corruption and other illicit financial activity.

But what it also revealed was just how vulnerable law firms can be to hackers and other cyber criminals.

I recently spoke to Daniel Garrie, Global Head of eDiscovery, Forensics, and Cybersecurity Practices for Law & Forensics LLC, to get his insight into some of the cyber security issues facing law firms today:

Q. Daniel, why do hackers and other cyber criminals target law firms?

First, for information. All kinds of potentially valuable information: M&A information, IP information, real estate information, divorce information; information that can make people money or give them leverage. If you think about the law firms that just do mortgages, for example; getting a fully detailed mortgage package with social security numbers, bank account numbers, wiring information — that’s a pretty interesting piece of information.

Second, because in many cases, the law firm is the weakest link. Take the case of an M&A deal, for example. Why invest money and resources to hack the companies — which are more likely to have robust cyber security frameworks — when you can just hack the law firm, where cyber security resources are fewer and far more fragile?

To read the full article, go to Thomson Reuters