www.helpnetsecurity.com
34.214.48.115
Public Scan
Submitted URL: http://link.kirkhamirontech.com/ls/click?upn=NvqH0RkeKm-2BKIv1cx2MIE8qijHAQlxqaYLO0DFfVMFc-2FBi5rySYFT8dITscaBfRBE6FGKv3b3m52mk5...
Effective URL: https://www.helpnetsecurity.com/2023/07/10/law-firm-cyberattack/
Submission: On August 04 via api from US — Scanned from DE
Text Content
Helga Labus, Managing Editor, Help Net Security
July 10, 2023

LAW FIRMS UNDER CYBERATTACK

In April 2023, Australian law firm HWL Ebsworth was hit by a cyberattack that possibly resulted in data of hundreds of its clients and dozens of government agencies being compromised. The attack was claimed by the Russian-linked ALPHV/Blackcat ransomware group.

“Earlier this month, the group published 1.1TB of the data it claimed to have stolen, later established to be 3.6TB worth of data,” Guardian Australia reported.

Throughout January and February of 2023, eSentire deflected 10 cyberattacks hitting six different law firms.

“The attacks emanated from two separate threat campaigns. One campaign attempted to infect law firm employees with the GootLoader malware. The other campaign hit law firm employees and other victims with the SocGholish malware,” the company revealed.

In both cases, the malware was distributed via compromised WordPress websites that legal professionals are likely to visit, and was disguised as agreement/contract templates and (fake) Chrome security updates.

WHY IS A LAW FIRM AN ATTRACTIVE TARGET FOR A CYBERATTACK?

As the UK National Cyber Security Centre (NCSC) noted in a recent report focusing on cyber threats to the legal sector, law firms handle sensitive client information that cybercriminals may find useful, whether for exploiting opportunities for insider trading, gaining the upper hand in negotiations and litigation, or subverting the course of justice.

The potential consequences of such breaches can be severe, as the disruption of business operations can incur substantial costs. Ransomware gangs specifically target law firms to extort money in exchange for allowing the restoration of business operations.

In 2020, the Solicitors Regulation Authority (SRA) published a cybersecurity review revealing that 30 of the 40 law firms it visited had been victims of a cyberattack. In the remaining ten, cybercriminals had directly targeted their clients through legal transactions.

“While not all incidents culminated in a financial loss for clients, 23 of the 30 cases in which firms were directly targeted saw a total of more than £4m [$5m+] of client money stolen,” the SRA noted.

“The financial impact of a loss of data is more difficult to calculate, but we found these often resulted in indirect financial costs. For example, one firm lost around £150,000 [$190,000] worth of billable hours following an attack which crippled their system.”

The importance of maintaining a reputable image also makes legal practices appealing targets for extortion attempts.

WHO’S TARGETING LAW FIRMS AND HOW?

Law firms are targeted by cybercriminals, who seek to exploit vulnerabilities for financial gain; nation states, interested in gathering intelligence or gaining an advantage in geopolitical conflicts; and hacktivists, who aim to disrupt or expose activities they deem unethical.

Law firms also have to worry about insider threats – (former) employees or associates who may misuse or leak sensitive information.

Law firms receive and send a significant number of emails on a daily basis. This high volume of correspondence creates an opportunity for cybercriminals to mount phishing or business email compromise (BEC) attacks and steal sensitive information, such as access credentials, valuable data, or other confidential details.

“Law firms are attractive targets for BEC because they often transfer significant sums of money, or ask to view sensitive documents such as financial records, contracts and designs. They are also generally seen as trustworthy and authoritative, two qualities that attackers can make use of when devising a phishing attack,” the NCSC noted.

Law firms handle highly sensitive information, and cybercriminals exploit this vulnerability by employing ransomware and other malware, expecting that the victims will choose to pay the ransom to prevent the publication of their sensitive data online.

They are not wrong: according to recent Trend Micro and Waratah Analytics research, legal firms are more likely to give in to ransom demands when compared to other industries (except the financial industry).

Password attacks are also frequent among law firms, primarily attributed to security vulnerabilities such as password reuse, weak passwords, excessive permissions, open access, and the absence of multi-factor authentication (MFA).

Another vulnerability stems from the reliance of legal practices, particularly smaller ones, on external IT service providers. They often lack the ability to evaluate the security of these systems, making them susceptible to supply chain attacks.

“By far the greatest supply chain issue is a third party failing to adequately secure the systems that hold your sensitive data,” the NCSC noted.

“Whilst you might be implementing cyber security effectively within your own organisation, you’re exposed to numerous risks if your suppliers (or other third party in your supply chain) have not done the same.”

NCSC’s report provides and points to helpful cybersecurity guidance and tools for organizations in the legal sector.
© Copyright 1998-2023 by Help Net Security