Law firms are increasingly the target of data breaches
September 13, 2019
The Australian in Anxiety rising as law firms confirm cyber breaches reports on a survey conducted by the Australian Legal Practice Management Association and GlobalX that found almost 20 per cent of Australian law firms that responded had been victims of a cybersecurity breach. This figure is consistent with US findings, such as the Australian Bar Association 2017 Legal Technology Survey.
This is hardly news. The American Bar released a report in January 2019 dealing with the threat to US law firms which also set out in a practical terms processes and systems which reduce a law firms exposure to a data security. Australian law societies have come some way in doing something similar but not to the same extent. Unfortunately there seems to be a cultural problem with law firms resisting spending enough on IT security, spending what budgets they have badly and generally failing to develop and maintain decent privacy and data protection policies. Training tends to be superficial and irregular. Given the weakest part of any cyber defence is the humans manning the phones, responding to emails and operating the computers this is commonly a disaster waiting to happen. Often the usual targets for phishing targets, junior administrative staff are ill prepared for an attack.
Law firms are particularly prone to phishing and hacking of email accounts. Law firms, particularly those with a focus on commercial and property law, hold significant sums and bank details. Law firms are also prone to ransomware. In 2017 DLA Piper suffered a ransomware attack which forced it to shut down its world wide digital operations.
The other problem with law firms’ data security is the Read the rest of this entry »