In June, a massive cyberattack brought down one of the country's biggest law firms. DLA Piper, its systems ravaged by the Petya ransomware program, was forced to shut down its phones service, email, and internal computer network--potentially costing millions in lost income. Weeks later, the firm was still digging itself out.
Such attacks are increasingly an existential threat to firms of all sizes: the difference between being billing and nothingness. Join us as we discuss this urgent issue.
5. From the perspective of hackers, exactly because
lawyers handle such valuable and sensitive information
belonging to clients, law firms become a one-stop
shop.
-Eli Wald, Legal Ethics Professor (and former BigLaw attorney)
“
”
2016: “The Year of the Legal Data Breach”
Feb. March
Oleras
Alert
Elite Law
Firms
Breached
April
Panama
Papers
May
First known
malpractice
suit
July
DNC Emails
Leaked
December
Chinese
Hackers
Indicted
6. 2017: The Year of Ransomware?
Malware that prevents or limits users from accessing their system,
either by locking the system's screen or by locking the users' files
unless a ransom is paid.
7.
8. 2017: The Year of Ransomware?
May 12, 2017: “WannaCry” ransomeware attack cripples >200,000 computers across
150 countries.
Exploits flaw in Microsoft Windows to encrypt files
Demands 300 Bitcoin payment
Victims:
• FedEx
• Russian Interior Ministry
• Britain’s National Health Service
• German Train Service
9.
10. 2017: The Year of Ransomware?
June 27, 2017: “Petya” or “NotPetya” attack
Mimics Ransomware – First infections in Ukraine
NOT True Ransomware – believed to be designed for disruption
Victims:
• Merck
• Heritage Valley Hospitals
• Cadburys
• DLA Piper
13. • June 27, 2017: Petya ransomware virus
spreads
• DLA Piper’s network is hit, first in Madrid, then
throughout the world
• Email, phone, and computer system shut
down
• June 29: DLA Piper lawyers request extension
in at least five civil cases
• July 3: Email restored, other systems still
coming back online
Petya/NotPetya Shuts Down DLA Piper
14. Lost of Productivity, Billable Hours, Potential
Litigation
• Would you be able to continue working if locked out of your
email, phone, computer network & client files?
• Shore et al v. Johnson & Bell, Ltd: Alleged cybersecurity failings
can lead to malpractice claims
• Moses Afonso Ryan Ltd. v. Sentinel Insurance Co., Ltd.: Will
your insurance policy cover losses from ransomware?
20. Law Firm Cyberinsurance 101
Yes, you probably need it
Your current insurance might have it
(In 5 years, it won’t)
21. Law Firm Cyberinsurance 101
What does your policy cover?
First Party vs. Third Party
Emergency & Expert Services
Notification
Data Restoration
Business Interruption
22. Law Firm Cyberinsurance 101
When Picking a Policy, Know the Terms
(or bring a friend… familiar w/ Insurance Coverage AND Cyber
Security)
Rider on CGL Policy vs. Cyber Liability Policy
Duty to Defend vs. Duty to Reimburse
Responsibility for Expenses
Sub-limits & Exclusions
What Isn’t Covered?
41. More Resources:
For the cybersecurity and eDiscovery
news and tips, interviews with judges
and practitioners, and more, sign up
for Logikcull’s blog, Closing the Loop.
• Learn how the cloud can help secure your practice.
• Learn how cutting-edge technology is reshaping eDiscovery.
• Download our white paper on how to safeguard client data.
• See a demo of Logikcull, the powerfully simply, highly secure
eDiscovery and data management software.
Editor's Notes
Feb - Russian cybercriminal under the name of “Oleras” said to be targeting law firms
March - Wall St. Journal reports that nation’s biggest firms have been hacked, including Cravath and Weil Gotshal
April - The “Panama Papers” are leaked, revealing confidential attorney-client information detailing tax evasion techniques
May - A Chicago-based law firm was sued by a client for cybersecurity flaws that “systematically expos[ed] confidential client information”
July - Emails from the DNC are leaked to Wikileaks. To this day, no one has even the slightest idea of who might have been behind the leaks.
December - DOJ charges three Chinese nationals for insider trading on information hacked from firms
-WannaCry: ransomware cryptoworm that exploited the EternalBlue vulnerability in Windows.
-EternalBlue was discovered by the NSA, then leaked to the public after the NSA was itself hacked
-Shipping and production shut down throughout Europe, at least 16 UK hospitals closed
-WannaCry: ransomware cryptoworm that exploited the EternalBlue vulnerability in Windows.
-EternalBlue was discovered by the NSA, then leaked to the public after the NSA was itself hacked
-Shipping and production shut down throughout Europe, at least 16 UK hospitals closed
-WannaCry: ransomware cryptoworm that exploited the EternalBlue vulnerability in Windows.
-EternalBlue was discovered by the NSA, then leaked to the public after the NSA was itself hacked
-Shipping and production shut down throughout Europe, at least 16 UK hospitals closed
-Attacks concentrated in Russia, Ukraine, and India
-British cybersecurity researcher discovered the malware’s “emergency shut off” switch and activated it before it spread more widely
-Researchers suspect that the attacks came from the Lazarus Group, a hacking collective linked to North Korea.
-Goal: Disruption, not ransom?
-June 5th: DLA Piper issues “Cybersecurity Law Alert” — “WannaCry ransomware attack was just the tip of the iceberg”
-Originally reported as Petya malware, but similarities are largely superficial — thus “NotPetya” moniker adopted by some
-Exploited same Eternal Blue backdoor as Wannacry
-Logikcull ran the numbers: Loss of billable hours in DLA Piper’s DC office alone could cost well over $500,000 a day.
-Shore v. Johnson & Bell - client, a bitcoin exchange company, sued its attorney for poor cybersecurity, alleging the firm had committed malpractice. Case was forced to arbitration.
It is a good idea that law firms sign up for 2-factor for all services /apps that house sensitive data.