SlideShare a Scribd company logo

Top Law Firm Cyber Attacks Throughout History

Protected Harbor
Protected Harbor

Explore the gripping history of cyberattacks targeting leading law firms. Uncover motives, methods, and consequences behind notorious breaches. Discover the cutting-edge strategies employed to defend against cyber threats. This ebook is an essential resource for legal professionals, cybersecurity experts, and anyone interested in the dynamic intersection of law and technology. It sheds light on the evolving nature of cybercrime and emphasizes the critical importance of proactive cybersecurity measures in today's digital era.

Services
1 of 9
Download to read offline
TOP LAW FIRM CYBER ATTACKS THROUGHOUT HISTORY
WHY WILL LAW FIRMS CONTINUE TO BE A PRIME TARGET? INTRODUCTION Experts believe we are on the verge of a cybersecurity catastrophe. Hackers and scammers are at an all-time high with the frequency and sophistication of their cyber-attacks. Criminals have never had easier than today’s technology to try and exploit potential victims’ security flaws. Various individuals as well as organizations are being attacked, and law firms are no exception. According to a survey conducted by the American Bar Association (ABA), the number of law firms that had experienced a cybersecurity breach in 2020 has increased from 26% in 2019 to now 29%. This means that enhancing cybersecurity is more of a necessity than ever before, especially for law firms with high-profile clients like Google. The threats posed by hackers and other hostile actors are becoming more widely recognized in the legal community. These criminals attack law firms of all sizes, including those on the larger scale finding that law firms aren’t responding quickly enough to the growing threat. The answer to this is simple: law firms hold sensitive information about their clients, and they store this information in databases that can be accessed or stolen by hackers. Cybercriminals target law firms to sell sensitive client information on the Dark Web or use it to try and extort clients. Furthermore, law firms often handle large amounts of money and confidential documents making them prime targets for phishing scams and ransomware attacks.
JP MORGAN CHASE FAMOUS TOP LAW FIRM CYBER-ATTACKS Let's take a look at some of the most well-known law firm security breaches in the world: MOSSACK FONSESCA & THE PANAMA PAPERS The Panama Papers have been described as one of the biggest leaks in journalism history. The leak revealed how some of the world's wealthiest people have been using tax havens in order to hide their wealth. The revelations led to protests in Iceland and more than 10 high-profile resignations, including that of Iceland's prime minister. According to reports, the breaches included 11.5 million classified records from the 1970s to late 2015. Mossack Fonseca told the BBC their firm had been hacked by servers based abroad and that it was working alongside Panamanian authorities to investigate the incident and made no other comments in regard to the situation. The Panama Papers also led to protests across Iceland and other countries where people called for transparency over political leaders' financial interests. The JP Morgan Chase cyber security incident in 2014 was one of the most publicized data breaches to date. The attack involved the theft of sensitive personal information belonging to more than 76 million households and seven million small businesses through a sophisticated breach on its servers. It was the hack heard 'round the globe due it’s success in breaking the world’s largest bank. Names, addresses, phone numbers, email addresses, and private, internal user information was hacked in more than half of all U.S. households in 2014. The hackers even gained "root" rights on more than 90 of the bank's servers. Root rights or rooting grants a hacker to access to any Android operating systems. This gives the hacker access to manipulate any software codes or to install new software that, for example, this bank wouldn’t normally do. This allowed them to move money and terminate accounts. The final hacker was apprehended in 2016 in New York, but their wire fraud and money laundering totaled more than $100 million between the years 2014 and 2016.
OLERAS PHISHING CAMPAIGN AGAINST LAW FIRMS UPMC PATIENTS In 2016, a cybercriminal using the alias Oleras conducted a spear-phishing cam- paign against top law firms. The hacker attempted to recruit accomplices through the criminal underground in order to assist him in breaching law firms' defenses and looking for pending agreements using keywords. Oleras presented a strategy to run keyword searches in law firm computer networks for papers that includ- ed merger information, offering a hacker $100,000 plus extra 45,000 rubles ($564). But first, the hacker would have to gain access to the law firm's computer networks. Oleras is said to have advised spear-phishing assaults on employees who had submitted their names, email addresses, and social media account information. The scheme started with an email first sent to the firm's client that included malware. Once opened, the malware would collect information about the user and send it back to Oleras. Then Oleras would use that information to access the law firm's network and transfer funds from trust accounts into his accounts. The firm recovered most of its money, but not before paying a $5 million ransom to Oleras for his silence. A group of hackers managed to breach the email accounts of multiple doctors in order to gain access to sensitive patient medical data. CJH (Charles J. Hilton, P.C. Attorney at Law) sent UPMC (University of Pittsburgh Medical Center) a breach report in December 2020, confirming that the people who broke into the email accounts did have access to patient data. The data utilized by CJH to offer its contracted billing-related legal services to UPMC was among the patient information compromised in the assault. The breach has exposed personal data of patients. However, it's unclear how many patients were affected by this attack, but experts believe it could be millions.
MOSES AFONSO RYAN LTD & THE RANSOMWARE ATTACK According to a lawsuit filed in U.S. District Court, an unknown person or possibly group kept a Providence law practice hostage for months by encrypting their files and demanding a $25,000 ransom in anonymous cyber money for recovery access. The firm's billing system and documents were specifically blocked, making it impossible for clients to pay and vital financial information to be accessible. Because the value of the encrypted material was so high, the legal firm's officials decided to give in to the hackers' demands. They paid the hackers in Bitcoins, but they did not supply the decryption key and went on to demand more money. The law firm made arrangements to buy more bitcoins in return for various tools to recover its records, hoping that the insurer would reimburse them for all of their costs. They unfortunately did not. CONCLUSION It's vital to remember that cybercriminals stand to gain a lot by harming your business, and their chance of being discovered is low. The perpetrators are rarely apprehended, and some businesses never recover. Both large and small law firms are at risk. When a security breach occurs, the only thing a company can do is notify their clients and try to determine how much information was compromised. Prevention should be preferred over damage control, though some businesses think otherwise. Don’t become a victim. Take the proper steps to ensure that you know how data loss can occur and what you can do to protect your networks, databases, and staff accounts from being next on the hit list.
Ransomware attack shut down this lawfirm and put them on the defensive. Refused to pay $200k ransom 4.8 terabytes of data recovered Decresed I.T. costs by 50% Esbin & Feinmesser, PLLC is a boutique law firm that prides itself on offering legal and advisory services that match those of large corporate firms while crafting a more personal experience for its clients. Being in practice for over 20 years, they have a lot to protect. Partner Scott Esbin explains, “as a law firm, we're just inherently conservative about putting our data and files in somebody else’s hands. There's a whole host of rules that we have to abide by in terms of client confidence and security. Law firms can be brought down ultimately, and lawyers could theoretically be sanctioned if they're not careful about how they treat their data.” With all the news in 2019 of the cyber-attacks on corporate giants like Facebook and Citibank, his firm’s security was weighing heavily on his mind. Esbin knew that in the event of an attack, he would be faced with many tough conversations not only with his employees but with his clients. If he were to lose his clients confidence, it would be likely that he would have to close his business for good. Despite the trend at the time toward cloud-based storage, Esbin wasn’t convinced it was the proper course for his firm. He found an IT provider he thought could help. The vendor seemed like a good fit for Esbin & Feinmesser initially, but things began to shift over time. There was no cohesive, intentionally-developed plan to achieve the organization’s goals and satisfy its security needs. The proposed solutions were often a quick-fix of new software with more equipment. Esbin & Feinmesser housed their data in the office to circumvent Esbin’s fears about cloud technology. They had more machines in the office than employees. There was way too much volume with no design, so it was not enough to keep the business safe—and those choices cost Esbin dearly. “We had to pay for our licenses. We had to pay for people to come in. We had to pay for hardware when a computer would bust. It was expensive. I would have spent $50,000 - $100,000 more on computers and, licensing, other costs.” Esbin recalls. Then in March of 2020, what Esbin had always feared, happened... ThisLawyer'sDataGotHeldRansomfor$200,000. ThenHeCalledProtectedHarbor. CHALLENGES INTRODUCTION ATAGLANCE
CHALLENGES (continued) “We got hacked,” Esbin shared. “We couldn't access email. We couldn't access our servers. It was like somebody came in and put a giant padlock on all of our stuff. We still, to this day, don't know exactly how it happened. We think it was a bad attachment somebody opened.” Rather than giving in to the ransom of $200,000.00 USD, Esbin immediately knew he needed a new IT provider that could help him regain access to his business. Still, more than anything, he needed better protection so this could not happen again. Though keeping the servers in his office did not prevent intruders, he still had doubts about cloud-based storage. Protected Harbor sat down with Esbin and listened to his concerns. He worried if his data was safer sitting next to him in the office or the cloud. How could the firm stay safe? How can he make sure this doesn’t happen again? How could he keep an employee from making a mistake that may take down the company? “We've slashed our technology budget by half, sending it back to the employees. We’ve redeployed those funds to things like healthcare, salaries, and bonuses for the staff.” Scott Esbin, Partner Esbin & Feinmesser, PLLC Solutions Protected Harbor calmed these fears quickly by explaining how the process would work, why cloud-based storage was safer, and how they would protect him from future attacks with monitoring and redundancies. Then they collaborated to put the pieces of Esbin & Feinmesser back together. Nick Solimando, Director of Technology at Protected Harbor, said he believes “ransomware hit the servers in our client’s office. It got down to cryptic system files to the point where servers wouldn't even function properly and wouldn't boot up properly. None of their file shares were functional.” Fortunately, none of their data was leaked and some of the data was not infected severely so that Protected Harbor could still look at those files. The equipment, on the other hand was now essentially scrapped metal. Solimando illustrated Esbin & Feinmesser’s new security measures saying, “Our goal is to put clients in a protective bubble. We don't want you to worry about the IT—so you can focus on your business.” Protected Harbor always starts with an audit of the client’s current system and what their needs are. This migration was unique because Esbin came with only pieces of data, and the plans were down. So, Protected Harbor analyzed the entire picture to see what was salvageable and asked Esbin what functions were most important for recovery. “We have a lot of unique programs that we use that are proprietary,” Esbin immediately answered. “They're unique to us; we own them. If I don't have them, I don't operate.” In the end, Protected Harbor worked with Esbin’s programmers to reconnect and successfully integrate the custom application. Protected Harbor was able to recover 4.8 terabytes of data and only 200 gigabytes were ultimately lost. They managed to retrieve a suitable backup file about two months old, but it was valid and able to be restored. Out of roughly ten years’ worth of data, Esbin was only missing a small fraction worth of data. Their system was restored, and they are still operational.
Solutions (continued) Protected Harbor even worked with end-users to recreate their environments so that their files and access were back to normal after less than a month. As Esbin & Feinmesser’s systems returned online, they needed to be fully protected. “We put them in a virtual environment in our data center and gave him his dedicated virtual network. So it's just him in there, nothing else. He's segregated and isolated.” Solimando elaborated. Malware scanning and monitoring are a part of Protected Harbor’s default environment. The monitoring services are comprehensive and prevent threats instead of reacting to them. Esbin now benefits from constant monitoring for things like RAM, CPU, and disk space to ensure everything is performing as it should. If it’s lagging, Protected Harbor is already looking into it and resolving the issue before the end-user is impacted. Known malicious IP addresses, attack vectors, and even whole countries are blocked out, not allowing anything to penetrate their network. Redundant internet, firewalls, switches, virtualization nodes, backup architecture, and mechanisms help prevent errors and maximize uptime. If there is an issue, the backup files are completely inaccessible from where the admin users are. “Most likely, the ransomware they got hit with before would never even reach the server today,” Solimando assures. “It would get stopped by one of the protections upstream from them. If it got through all of that, we would be able to recover them inside of a day, probably less than 12 hours.” THERESULT Today Esbin is grateful that the hack happened when and how it did. He quotes, “‘Fear is the mind-killer.’ It’s a line from a movie called Dune, but I think that's probably the biggest lesson I've learned from this. I think that we were lucky that we got hacked. It's true because having what we have now works better than anything we've had in the past.” The lesson cost was high, but Esbin recognizes that the infiltration they experienced could have been much worse. Fortunately, none of his client data was taken or accessed. It was locked away, so hackers could not access it without Protected Harbor’s services. Esbin has a new confidence level as he knows his business is adequately protected. He has the support he needs, and when his company grows or changes, Protected Harbor will design a solution for him based on his individual needs. There’s always someone to answer Esbin’s calls, even for help with the simple things that cause significant problems, like figuring out how to print on both sides of the page. He’s received all the personal service and hands-on assistance he needs. The cost savings with Protected Harbor is also significant. Esbin was pleased that while he’s reduced his IT costs by roughly 50%, he has gained security, expert assistance when needed, and more peace of mind.
ABOUT PROTECTED HARBOR Protected Harbor provides customized data center infrastructure management and appli-cation migration support to businesses looking to scale their technology and bottom line. With over 15 years of service and a 99.99% uptime record, our team is fully committed to creating, maintaining, and managing the high-est quality application operations environment experiences. Your uptime is our focus. Our 90+ Net Promoter Score, and 95% client retention rate back up that claim. Our Protected Data Center is an integrated suite of managed services focused on the uptime of your appli-cation at the lowest possi-ble cost, regardless of location, and cloud pro-vider. From infrastructure design to network operations including security, storage, connec-tivity, remediation, monitoring, and more. Protected Data Center provides end-to-end support to secure deployments of complex enterprise applica-tions to protect your tech-nology infrastructure investments. Like everyone else, we o� er Cybersecurity, Enterprise Networking, Infrastructure Design, Network Con� guration, Monitoring, Customized Protected Cloud, Change Management, & Protection & Recovery.Unlike everyone else, we listen, learn, think, and do not blindly deploy. Focusing on durability and uptime, we design a custom architecture solution integrated with a seamless migration process. The entire time we keep your business up and running with our proprietary application outage avoidance methodology (AOA) providing redundancy and high availability.Protected Data Center features a global helpdesk with level 1, 2 & 3 support, 24/7 NOC, a Tier 3 Data Center, best-in-breed CMDB solutions, and years of experience & knowledge from working with leading technology companies. Protected Harbor, Inc., 60 Dutch Hill Road, Suite 16, Orange- burg, NYSuite 16, Orangeburg, NY Email: sales@protectedharbor.com Phone: +1 201-957-1616

Recommended

Cyber Security Incident Response Planning
Cyber Security Incident Response PlanningCyber Security Incident Response Planning
Cyber Security Incident Response PlanningPECB
 
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomCritical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomStanford GSB Corporate Governance Research Initiative
 
Cybersecurity White Paper 05_2016
Cybersecurity White Paper 05_2016Cybersecurity White Paper 05_2016
Cybersecurity White Paper 05_2016Jennifer Sharf Adler
 
Identity Theft Red Flags Rule for Business
Identity Theft Red Flags Rule for BusinessIdentity Theft Red Flags Rule for Business
Identity Theft Red Flags Rule for BusinessHerring Consulting & Financial Group
 
List of data breaches and cyber attacks in january 2022
List of data breaches and cyber attacks in january 2022List of data breaches and cyber attacks in january 2022
List of data breaches and cyber attacks in january 2022ndcmanagement
 
The Protected Harbor 2022 Legal Services Data Breach Trend Report (2).pdf
The Protected Harbor 2022 Legal Services Data Breach Trend Report (2).pdfThe Protected Harbor 2022 Legal Services Data Breach Trend Report (2).pdf
The Protected Harbor 2022 Legal Services Data Breach Trend Report (2).pdfProtected Harbor
 
IDT Red Flags White Paper By Wrf
IDT Red Flags White Paper By WrfIDT Red Flags White Paper By Wrf
IDT Red Flags White Paper By WrfBucacci Business Solutions
 
Databreach forecast
Databreach forecastDatabreach forecast
Databreach forecastSuresh Kesavan
 

Recommended

Cyber Security Incident Response Planning
Cyber Security Incident Response PlanningCyber Security Incident Response Planning
Cyber Security Incident Response PlanningPECB
 
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomCritical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomStanford GSB Corporate Governance Research Initiative
 
Cybersecurity White Paper 05_2016
Cybersecurity White Paper 05_2016Cybersecurity White Paper 05_2016
Cybersecurity White Paper 05_2016Jennifer Sharf Adler
 
Identity Theft Red Flags Rule for Business
Identity Theft Red Flags Rule for BusinessIdentity Theft Red Flags Rule for Business
Identity Theft Red Flags Rule for BusinessHerring Consulting & Financial Group
 
List of data breaches and cyber attacks in january 2022
List of data breaches and cyber attacks in january 2022List of data breaches and cyber attacks in january 2022
List of data breaches and cyber attacks in january 2022ndcmanagement
 
The Protected Harbor 2022 Legal Services Data Breach Trend Report (2).pdf
The Protected Harbor 2022 Legal Services Data Breach Trend Report (2).pdfThe Protected Harbor 2022 Legal Services Data Breach Trend Report (2).pdf
The Protected Harbor 2022 Legal Services Data Breach Trend Report (2).pdfProtected Harbor
 
IDT Red Flags White Paper By Wrf
IDT Red Flags White Paper By WrfIDT Red Flags White Paper By Wrf
IDT Red Flags White Paper By WrfBucacci Business Solutions
 
Databreach forecast
Databreach forecastDatabreach forecast
Databreach forecastSuresh Kesavan
 
Protecting Your Law Office Against Data Breaches and Other Cyber Threats
Protecting Your Law Office Against Data Breaches and Other Cyber ThreatsProtecting Your Law Office Against Data Breaches and Other Cyber Threats
Protecting Your Law Office Against Data Breaches and Other Cyber ThreatsBlake A. Klinkner
 
Case in PointInaction Caused Costly Hacking At Large Retailer.docx
Case in PointInaction Caused Costly Hacking At Large Retailer.docxCase in PointInaction Caused Costly Hacking At Large Retailer.docx
Case in PointInaction Caused Costly Hacking At Large Retailer.docxcowinhelen
 
Breach level index_report_2017_gemalto
Breach level index_report_2017_gemaltoBreach level index_report_2017_gemalto
Breach level index_report_2017_gemaltoJonas Mercier
 
Cybercriminals Are Lurking
Cybercriminals Are LurkingCybercriminals Are Lurking
Cybercriminals Are LurkingCharlie Lewis M.S.
 
Cybercrime blog
Cybercrime blogCybercrime blog
Cybercrime blogCharlie Lewis M.S.
 
mbiz122710_bitsec
mbiz122710_bitsecmbiz122710_bitsec
mbiz122710_bitsecbitsec
 
Logikcull Webinar: Preventing the Next Panama Papers
Logikcull Webinar: Preventing the Next Panama PapersLogikcull Webinar: Preventing the Next Panama Papers
Logikcull Webinar: Preventing the Next Panama PapersLogikcull.com
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBakerTillyConsulting
 
iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?Hayden McCall
 
Data Security Read the article below and answer the following questi.pdf
Data Security Read the article below and answer the following questi.pdfData Security Read the article below and answer the following questi.pdf
Data Security Read the article below and answer the following questi.pdfinfo48697
 
Case 11. What exactly occurred Twitter is one of popular soci.docx
Case 11. What exactly occurred Twitter is one of popular soci.docxCase 11. What exactly occurred Twitter is one of popular soci.docx
Case 11. What exactly occurred Twitter is one of popular soci.docxtidwellveronique
 
2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual ReportLabris Networks
 
Hacker Defense: How to Make Your Law Firm a Harder Target
Hacker Defense: How to Make Your Law Firm a Harder TargetHacker Defense: How to Make Your Law Firm a Harder Target
Hacker Defense: How to Make Your Law Firm a Harder TargetLexisNexis
 
What's new with Cybersecurity in Singapore?
What's new with Cybersecurity in Singapore? What's new with Cybersecurity in Singapore?
What's new with Cybersecurity in Singapore? Abraham Vergis
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime pptRitesh Thakur
 
Cybercrime issue
Cybercrime issueCybercrime issue
Cybercrime issueLhara Batacandolo
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsBen Graybar
 
Rise of cyber security v0.1
Rise of cyber security v0.1Rise of cyber security v0.1
Rise of cyber security v0.1Sohail Gohir
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case StudyPratham Jaiswal
 
Privacy Presentation for SOCAP-3
Privacy Presentation for SOCAP-3Privacy Presentation for SOCAP-3
Privacy Presentation for SOCAP-3Gary Kazmer
 
10-Step Cloud Migration Checklist pdf...
10-Step Cloud Migration Checklist pdf...10-Step Cloud Migration Checklist pdf...
10-Step Cloud Migration Checklist pdf...Protected Harbor
 
SECURITY THE POWER OF MULTI-FACTOR AUTHENTICATION
SECURITY THE POWER OF MULTI-FACTOR AUTHENTICATIONSECURITY THE POWER OF MULTI-FACTOR AUTHENTICATION
SECURITY THE POWER OF MULTI-FACTOR AUTHENTICATIONProtected Harbor
 

More Related Content

Similar to Top Law Firm Cyber Attacks Throughout History

Protecting Your Law Office Against Data Breaches and Other Cyber Threats
Protecting Your Law Office Against Data Breaches and Other Cyber ThreatsProtecting Your Law Office Against Data Breaches and Other Cyber Threats
Protecting Your Law Office Against Data Breaches and Other Cyber ThreatsBlake A. Klinkner
 
Case in PointInaction Caused Costly Hacking At Large Retailer.docx
Case in PointInaction Caused Costly Hacking At Large Retailer.docxCase in PointInaction Caused Costly Hacking At Large Retailer.docx
Case in PointInaction Caused Costly Hacking At Large Retailer.docxcowinhelen
 
Breach level index_report_2017_gemalto
Breach level index_report_2017_gemaltoBreach level index_report_2017_gemalto
Breach level index_report_2017_gemaltoJonas Mercier
 
mbiz122710_bitsec
mbiz122710_bitsecmbiz122710_bitsec
mbiz122710_bitsecbitsec
 
Logikcull Webinar: Preventing the Next Panama Papers
Logikcull Webinar: Preventing the Next Panama PapersLogikcull Webinar: Preventing the Next Panama Papers
Logikcull Webinar: Preventing the Next Panama PapersLogikcull.com
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBakerTillyConsulting
 
iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?Hayden McCall
 
Data Security Read the article below and answer the following questi.pdf
Data Security Read the article below and answer the following questi.pdfData Security Read the article below and answer the following questi.pdf
Data Security Read the article below and answer the following questi.pdfinfo48697
 
Case 11. What exactly occurred Twitter is one of popular soci.docx
Case 11. What exactly occurred Twitter is one of popular soci.docxCase 11. What exactly occurred Twitter is one of popular soci.docx
Case 11. What exactly occurred Twitter is one of popular soci.docxtidwellveronique
 
2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual ReportLabris Networks
 
Hacker Defense: How to Make Your Law Firm a Harder Target
Hacker Defense: How to Make Your Law Firm a Harder TargetHacker Defense: How to Make Your Law Firm a Harder Target
Hacker Defense: How to Make Your Law Firm a Harder TargetLexisNexis
 
What's new with Cybersecurity in Singapore?
What's new with Cybersecurity in Singapore? What's new with Cybersecurity in Singapore?
What's new with Cybersecurity in Singapore? Abraham Vergis
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsBen Graybar
 
Rise of cyber security v0.1
Rise of cyber security v0.1Rise of cyber security v0.1
Rise of cyber security v0.1Sohail Gohir
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case StudyPratham Jaiswal
 
Privacy Presentation for SOCAP-3
Privacy Presentation for SOCAP-3Privacy Presentation for SOCAP-3
Privacy Presentation for SOCAP-3Gary Kazmer
 

Similar to Top Law Firm Cyber Attacks Throughout History (20)

Protecting Your Law Office Against Data Breaches and Other Cyber Threats
Protecting Your Law Office Against Data Breaches and Other Cyber ThreatsProtecting Your Law Office Against Data Breaches and Other Cyber Threats
Protecting Your Law Office Against Data Breaches and Other Cyber Threats
 
Case in PointInaction Caused Costly Hacking At Large Retailer.docx
Case in PointInaction Caused Costly Hacking At Large Retailer.docxCase in PointInaction Caused Costly Hacking At Large Retailer.docx
Case in PointInaction Caused Costly Hacking At Large Retailer.docx
 
Breach level index_report_2017_gemalto
Breach level index_report_2017_gemaltoBreach level index_report_2017_gemalto
Breach level index_report_2017_gemalto
 
Cybercriminals Are Lurking
Cybercriminals Are LurkingCybercriminals Are Lurking
Cybercriminals Are Lurking
 
Cybercrime blog
Cybercrime blogCybercrime blog
Cybercrime blog
 
mbiz122710_bitsec
mbiz122710_bitsecmbiz122710_bitsec
mbiz122710_bitsec
 
Logikcull Webinar: Preventing the Next Panama Papers
Logikcull Webinar: Preventing the Next Panama PapersLogikcull Webinar: Preventing the Next Panama Papers
Logikcull Webinar: Preventing the Next Panama Papers
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in Cybersecurity
 
iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?iStart feature: Protect and serve how safe is your personal data?
iStart feature: Protect and serve how safe is your personal data?
 
Data Security Read the article below and answer the following questi.pdf
Data Security Read the article below and answer the following questi.pdfData Security Read the article below and answer the following questi.pdf
Data Security Read the article below and answer the following questi.pdf
 
Case 11. What exactly occurred Twitter is one of popular soci.docx
Case 11. What exactly occurred Twitter is one of popular soci.docxCase 11. What exactly occurred Twitter is one of popular soci.docx
Case 11. What exactly occurred Twitter is one of popular soci.docx
 
2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual Report
 
Hacker Defense: How to Make Your Law Firm a Harder Target
Hacker Defense: How to Make Your Law Firm a Harder TargetHacker Defense: How to Make Your Law Firm a Harder Target
Hacker Defense: How to Make Your Law Firm a Harder Target
 
What's new with Cybersecurity in Singapore?
What's new with Cybersecurity in Singapore? What's new with Cybersecurity in Singapore?
What's new with Cybersecurity in Singapore?
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 
Cybercrime issue
Cybercrime issueCybercrime issue
Cybercrime issue
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools Tactics
 
Rise of cyber security v0.1
Rise of cyber security v0.1Rise of cyber security v0.1
Rise of cyber security v0.1
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case Study
 
Privacy Presentation for SOCAP-3
Privacy Presentation for SOCAP-3Privacy Presentation for SOCAP-3
Privacy Presentation for SOCAP-3
 

More from Protected Harbor

10-Step Cloud Migration Checklist pdf...
10-Step Cloud Migration Checklist pdf...10-Step Cloud Migration Checklist pdf...
10-Step Cloud Migration Checklist pdf...Protected Harbor
 
SECURITY THE POWER OF MULTI-FACTOR AUTHENTICATION
SECURITY THE POWER OF MULTI-FACTOR AUTHENTICATIONSECURITY THE POWER OF MULTI-FACTOR AUTHENTICATION
SECURITY THE POWER OF MULTI-FACTOR AUTHENTICATIONProtected Harbor
 
Two-Factor Authentication (2FA) Implementation Guide
Two-Factor Authentication (2FA) Implementation GuideTwo-Factor Authentication (2FA) Implementation Guide
Two-Factor Authentication (2FA) Implementation GuideProtected Harbor
 
Protected Harbor Data Breach Trend Report
Protected Harbor Data Breach Trend ReportProtected Harbor Data Breach Trend Report
Protected Harbor Data Breach Trend ReportProtected Harbor
 
What MSPs Can and Cant Do For You in 2022 Whitepaper by Protected Harbor
What MSPs Can and Cant Do For You in 2022 Whitepaper by Protected HarborWhat MSPs Can and Cant Do For You in 2022 Whitepaper by Protected Harbor
What MSPs Can and Cant Do For You in 2022 Whitepaper by Protected HarborProtected Harbor
 
Cybersecurity Risks of 3rd Party Cloud-Apps in 2022 Whitepaper by Protected H...
Cybersecurity Risks of 3rd Party Cloud-Apps in 2022 Whitepaper by Protected H...Cybersecurity Risks of 3rd Party Cloud-Apps in 2022 Whitepaper by Protected H...
Cybersecurity Risks of 3rd Party Cloud-Apps in 2022 Whitepaper by Protected H...Protected Harbor
 
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive ApproachThe 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive ApproachProtected Harbor
 
The Top 5 Risks of Cloud Migration
The Top 5 Risks of Cloud Migration The Top 5 Risks of Cloud Migration
The Top 5 Risks of Cloud Migration Protected Harbor
 
The Complete Guide to Ransomware Protection for SMBs
The Complete Guide to Ransomware Protection for SMBsThe Complete Guide to Ransomware Protection for SMBs
The Complete Guide to Ransomware Protection for SMBsProtected Harbor
 

More from Protected Harbor (9)

10-Step Cloud Migration Checklist pdf...
10-Step Cloud Migration Checklist pdf...10-Step Cloud Migration Checklist pdf...
10-Step Cloud Migration Checklist pdf...
 
SECURITY THE POWER OF MULTI-FACTOR AUTHENTICATION
SECURITY THE POWER OF MULTI-FACTOR AUTHENTICATIONSECURITY THE POWER OF MULTI-FACTOR AUTHENTICATION
SECURITY THE POWER OF MULTI-FACTOR AUTHENTICATION
 
Two-Factor Authentication (2FA) Implementation Guide
Two-Factor Authentication (2FA) Implementation GuideTwo-Factor Authentication (2FA) Implementation Guide
Two-Factor Authentication (2FA) Implementation Guide
 
Protected Harbor Data Breach Trend Report
Protected Harbor Data Breach Trend ReportProtected Harbor Data Breach Trend Report
Protected Harbor Data Breach Trend Report
 
What MSPs Can and Cant Do For You in 2022 Whitepaper by Protected Harbor
What MSPs Can and Cant Do For You in 2022 Whitepaper by Protected HarborWhat MSPs Can and Cant Do For You in 2022 Whitepaper by Protected Harbor
What MSPs Can and Cant Do For You in 2022 Whitepaper by Protected Harbor
 
Cybersecurity Risks of 3rd Party Cloud-Apps in 2022 Whitepaper by Protected H...
Cybersecurity Risks of 3rd Party Cloud-Apps in 2022 Whitepaper by Protected H...Cybersecurity Risks of 3rd Party Cloud-Apps in 2022 Whitepaper by Protected H...
Cybersecurity Risks of 3rd Party Cloud-Apps in 2022 Whitepaper by Protected H...
 
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive ApproachThe 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
The 7 Steps to Prevent IT-Caused Outages- A Comprehensive Approach
 
The Top 5 Risks of Cloud Migration
The Top 5 Risks of Cloud Migration The Top 5 Risks of Cloud Migration
The Top 5 Risks of Cloud Migration
 
The Complete Guide to Ransomware Protection for SMBs
The Complete Guide to Ransomware Protection for SMBsThe Complete Guide to Ransomware Protection for SMBs
The Complete Guide to Ransomware Protection for SMBs
 

Recently uploaded

9999266834 Call Girls In Noida Sector 37 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 37 (Delhi) Call Girl Service9999266834 Call Girls In Noida Sector 37 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 37 (Delhi) Call Girl Servicenishacall1
 
MYSORE CALL GIRLS ESCORT SER 92628/71154
MYSORE CALL GIRLS ESCORT SER 92628/71154MYSORE CALL GIRLS ESCORT SER 92628/71154
MYSORE CALL GIRLS ESCORT SER 92628/71154NiteshKumar82226
 
Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...
Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...
Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...riyadelhic riyadelhic
 
Call Girls | 😏💦 03274100048 | Call Girls Near Me
Call Girls | 😏💦 03274100048 | Call Girls Near MeCall Girls | 😏💦 03274100048 | Call Girls Near Me
Call Girls | 😏💦 03274100048 | Call Girls Near MeIfra Zohaib
 
BADDI CALL GIRL 92628/71154 BADDI CALL G
BADDI CALL GIRL 92628/71154 BADDI CALL GBADDI CALL GIRL 92628/71154 BADDI CALL G
BADDI CALL GIRL 92628/71154 BADDI CALL GNiteshKumar82226
 
JABALPUR CALL GIRL 92628/71154 JABALPUR K
JABALPUR CALL GIRL 92628/71154 JABALPUR KJABALPUR CALL GIRL 92628/71154 JABALPUR K
JABALPUR CALL GIRL 92628/71154 JABALPUR KNiteshKumar82226
 
Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...
Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...
Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...Goa Call Girls Service Goa escort agency
 
💚😋Bangalore Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Bangalore Escort Service Call Girls, ₹5000 To 25K With AC💚😋💚😋Bangalore Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Bangalore Escort Service Call Girls, ₹5000 To 25K With AC💚😋Sheetaleventcompany
 
Call Now ☎9870417354|| Call Girls in Noida Sector 12 Escort Service Noida N.C.R.
Call Now ☎9870417354|| Call Girls in Noida Sector 12 Escort Service Noida N.C.R.Call Now ☎9870417354|| Call Girls in Noida Sector 12 Escort Service Noida N.C.R.
Call Now ☎9870417354|| Call Girls in Noida Sector 12 Escort Service Noida N.C.R.riyadelhic riyadelhic
 
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...Sheetaleventcompany
 
JAMNAGAR CALL GIRLS 92628/71154 JAMNAGAR
JAMNAGAR CALL GIRLS 92628/71154 JAMNAGARJAMNAGAR CALL GIRLS 92628/71154 JAMNAGAR
JAMNAGAR CALL GIRLS 92628/71154 JAMNAGARNiteshKumar82226
 
9891550660 Call Girls In Noida Sector 62 Short 1500 Night 6000
9891550660 Call Girls In Noida Sector 62 Short 1500 Night 60009891550660 Call Girls In Noida Sector 62 Short 1500 Night 6000
9891550660 Call Girls In Noida Sector 62 Short 1500 Night 6000teencall080
 
Call Girls in Mukherjee Nagar Delhi 8826158885 Genuine Escorts Service
Call Girls in Mukherjee Nagar Delhi 8826158885 Genuine Escorts ServiceCall Girls in Mukherjee Nagar Delhi 8826158885 Genuine Escorts Service
Call Girls in Mukherjee Nagar Delhi 8826158885 Genuine Escorts Serviceteencall080
 
Hire 💕 9907093804 IMT Manesar Call Girls Service Call Girls Agency
Hire 💕 9907093804 IMT Manesar Call Girls Service Call Girls AgencyHire 💕 9907093804 IMT Manesar Call Girls Service Call Girls Agency
Hire 💕 9907093804 IMT Manesar Call Girls Service Call Girls AgencySheetal Arora
 
SURAT CALL GIRL 92628/71154 SURAT CALL G
SURAT CALL GIRL 92628/71154 SURAT CALL GSURAT CALL GIRL 92628/71154 SURAT CALL G
SURAT CALL GIRL 92628/71154 SURAT CALL GNiteshKumar82226
 
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7Sana Rajpoot
 
Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...
Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...
Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...aakahthapa70
 
+91-9310611641 Russian Call Girls In New Delhi Independent Russian Call Girls...
+91-9310611641 Russian Call Girls In New Delhi Independent Russian Call Girls...+91-9310611641 Russian Call Girls In New Delhi Independent Russian Call Girls...
+91-9310611641 Russian Call Girls In New Delhi Independent Russian Call Girls...teencall080
 
Indore Call girl service 6289102337 indore escort service
Indore Call girl service 6289102337 indore escort serviceIndore Call girl service 6289102337 indore escort service
Indore Call girl service 6289102337 indore escort servicemaheshsingh64440
 

Recently uploaded (20)

9999266834 Call Girls In Noida Sector 37 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 37 (Delhi) Call Girl Service9999266834 Call Girls In Noida Sector 37 (Delhi) Call Girl Service
9999266834 Call Girls In Noida Sector 37 (Delhi) Call Girl Service
 
MYSORE CALL GIRLS ESCORT SER 92628/71154
MYSORE CALL GIRLS ESCORT SER 92628/71154MYSORE CALL GIRLS ESCORT SER 92628/71154
MYSORE CALL GIRLS ESCORT SER 92628/71154
 
Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...
Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...
Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...
 
Call Girls | 😏💦 03274100048 | Call Girls Near Me
Call Girls | 😏💦 03274100048 | Call Girls Near MeCall Girls | 😏💦 03274100048 | Call Girls Near Me
Call Girls | 😏💦 03274100048 | Call Girls Near Me
 
BADDI CALL GIRL 92628/71154 BADDI CALL G
BADDI CALL GIRL 92628/71154 BADDI CALL GBADDI CALL GIRL 92628/71154 BADDI CALL G
BADDI CALL GIRL 92628/71154 BADDI CALL G
 
JABALPUR CALL GIRL 92628/71154 JABALPUR K
JABALPUR CALL GIRL 92628/71154 JABALPUR KJABALPUR CALL GIRL 92628/71154 JABALPUR K
JABALPUR CALL GIRL 92628/71154 JABALPUR K
 
Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...
Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...
Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...
 
💚😋Bangalore Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Bangalore Escort Service Call Girls, ₹5000 To 25K With AC💚😋💚😋Bangalore Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Bangalore Escort Service Call Girls, ₹5000 To 25K With AC💚😋
 
Call Now ☎9870417354|| Call Girls in Noida Sector 12 Escort Service Noida N.C.R.
Call Now ☎9870417354|| Call Girls in Noida Sector 12 Escort Service Noida N.C.R.Call Now ☎9870417354|| Call Girls in Noida Sector 12 Escort Service Noida N.C.R.
Call Now ☎9870417354|| Call Girls in Noida Sector 12 Escort Service Noida N.C.R.
 
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
 
JAMNAGAR CALL GIRLS 92628/71154 JAMNAGAR
JAMNAGAR CALL GIRLS 92628/71154 JAMNAGARJAMNAGAR CALL GIRLS 92628/71154 JAMNAGAR
JAMNAGAR CALL GIRLS 92628/71154 JAMNAGAR
 
9891550660 Call Girls In Noida Sector 62 Short 1500 Night 6000
9891550660 Call Girls In Noida Sector 62 Short 1500 Night 60009891550660 Call Girls In Noida Sector 62 Short 1500 Night 6000
9891550660 Call Girls In Noida Sector 62 Short 1500 Night 6000
 
Call Girls in Mukherjee Nagar Delhi 8826158885 Genuine Escorts Service
Call Girls in Mukherjee Nagar Delhi 8826158885 Genuine Escorts ServiceCall Girls in Mukherjee Nagar Delhi 8826158885 Genuine Escorts Service
Call Girls in Mukherjee Nagar Delhi 8826158885 Genuine Escorts Service
 
Hire 💕 9907093804 IMT Manesar Call Girls Service Call Girls Agency
Hire 💕 9907093804 IMT Manesar Call Girls Service Call Girls AgencyHire 💕 9907093804 IMT Manesar Call Girls Service Call Girls Agency
Hire 💕 9907093804 IMT Manesar Call Girls Service Call Girls Agency
 
SURAT CALL GIRL 92628/71154 SURAT CALL G
SURAT CALL GIRL 92628/71154 SURAT CALL GSURAT CALL GIRL 92628/71154 SURAT CALL G
SURAT CALL GIRL 92628/71154 SURAT CALL G
 
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
 
9953056974 Call Girls In Ashok Nagar, Escorts (Delhi) NCR.
9953056974 Call Girls In Ashok Nagar, Escorts (Delhi) NCR.9953056974 Call Girls In Ashok Nagar, Escorts (Delhi) NCR.
9953056974 Call Girls In Ashok Nagar, Escorts (Delhi) NCR.
 
Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...
Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...
Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...
 
+91-9310611641 Russian Call Girls In New Delhi Independent Russian Call Girls...
+91-9310611641 Russian Call Girls In New Delhi Independent Russian Call Girls...+91-9310611641 Russian Call Girls In New Delhi Independent Russian Call Girls...
+91-9310611641 Russian Call Girls In New Delhi Independent Russian Call Girls...
 
Indore Call girl service 6289102337 indore escort service
Indore Call girl service 6289102337 indore escort serviceIndore Call girl service 6289102337 indore escort service
Indore Call girl service 6289102337 indore escort service
 

Top Law Firm Cyber Attacks Throughout History

  • 1. TOP LAW FIRM CYBER ATTACKS THROUGHOUT HISTORY
  • 2. WHY WILL LAW FIRMS CONTINUE TO BE A PRIME TARGET? INTRODUCTION Experts believe we are on the verge of a cybersecurity catastrophe. Hackers and scammers are at an all-time high with the frequency and sophistication of their cyber-attacks. Criminals have never had easier than today’s technology to try and exploit potential victims’ security flaws. Various individuals as well as organizations are being attacked, and law firms are no exception. According to a survey conducted by the American Bar Association (ABA), the number of law firms that had experienced a cybersecurity breach in 2020 has increased from 26% in 2019 to now 29%. This means that enhancing cybersecurity is more of a necessity than ever before, especially for law firms with high-profile clients like Google. The threats posed by hackers and other hostile actors are becoming more widely recognized in the legal community. These criminals attack law firms of all sizes, including those on the larger scale finding that law firms aren’t responding quickly enough to the growing threat. The answer to this is simple: law firms hold sensitive information about their clients, and they store this information in databases that can be accessed or stolen by hackers. Cybercriminals target law firms to sell sensitive client information on the Dark Web or use it to try and extort clients. Furthermore, law firms often handle large amounts of money and confidential documents making them prime targets for phishing scams and ransomware attacks.
  • 3. JP MORGAN CHASE FAMOUS TOP LAW FIRM CYBER-ATTACKS Let's take a look at some of the most well-known law firm security breaches in the world: MOSSACK FONSESCA & THE PANAMA PAPERS The Panama Papers have been described as one of the biggest leaks in journalism history. The leak revealed how some of the world's wealthiest people have been using tax havens in order to hide their wealth. The revelations led to protests in Iceland and more than 10 high-profile resignations, including that of Iceland's prime minister. According to reports, the breaches included 11.5 million classified records from the 1970s to late 2015. Mossack Fonseca told the BBC their firm had been hacked by servers based abroad and that it was working alongside Panamanian authorities to investigate the incident and made no other comments in regard to the situation. The Panama Papers also led to protests across Iceland and other countries where people called for transparency over political leaders' financial interests. The JP Morgan Chase cyber security incident in 2014 was one of the most publicized data breaches to date. The attack involved the theft of sensitive personal information belonging to more than 76 million households and seven million small businesses through a sophisticated breach on its servers. It was the hack heard 'round the globe due it’s success in breaking the world’s largest bank. Names, addresses, phone numbers, email addresses, and private, internal user information was hacked in more than half of all U.S. households in 2014. The hackers even gained "root" rights on more than 90 of the bank's servers. Root rights or rooting grants a hacker to access to any Android operating systems. This gives the hacker access to manipulate any software codes or to install new software that, for example, this bank wouldn’t normally do. This allowed them to move money and terminate accounts. The final hacker was apprehended in 2016 in New York, but their wire fraud and money laundering totaled more than $100 million between the years 2014 and 2016.
  • 4. OLERAS PHISHING CAMPAIGN AGAINST LAW FIRMS UPMC PATIENTS In 2016, a cybercriminal using the alias Oleras conducted a spear-phishing cam- paign against top law firms. The hacker attempted to recruit accomplices through the criminal underground in order to assist him in breaching law firms' defenses and looking for pending agreements using keywords. Oleras presented a strategy to run keyword searches in law firm computer networks for papers that includ- ed merger information, offering a hacker $100,000 plus extra 45,000 rubles ($564). But first, the hacker would have to gain access to the law firm's computer networks. Oleras is said to have advised spear-phishing assaults on employees who had submitted their names, email addresses, and social media account information. The scheme started with an email first sent to the firm's client that included malware. Once opened, the malware would collect information about the user and send it back to Oleras. Then Oleras would use that information to access the law firm's network and transfer funds from trust accounts into his accounts. The firm recovered most of its money, but not before paying a $5 million ransom to Oleras for his silence. A group of hackers managed to breach the email accounts of multiple doctors in order to gain access to sensitive patient medical data. CJH (Charles J. Hilton, P.C. Attorney at Law) sent UPMC (University of Pittsburgh Medical Center) a breach report in December 2020, confirming that the people who broke into the email accounts did have access to patient data. The data utilized by CJH to offer its contracted billing-related legal services to UPMC was among the patient information compromised in the assault. The breach has exposed personal data of patients. However, it's unclear how many patients were affected by this attack, but experts believe it could be millions.
  • 5. MOSES AFONSO RYAN LTD & THE RANSOMWARE ATTACK According to a lawsuit filed in U.S. District Court, an unknown person or possibly group kept a Providence law practice hostage for months by encrypting their files and demanding a $25,000 ransom in anonymous cyber money for recovery access. The firm's billing system and documents were specifically blocked, making it impossible for clients to pay and vital financial information to be accessible. Because the value of the encrypted material was so high, the legal firm's officials decided to give in to the hackers' demands. They paid the hackers in Bitcoins, but they did not supply the decryption key and went on to demand more money. The law firm made arrangements to buy more bitcoins in return for various tools to recover its records, hoping that the insurer would reimburse them for all of their costs. They unfortunately did not. CONCLUSION It's vital to remember that cybercriminals stand to gain a lot by harming your business, and their chance of being discovered is low. The perpetrators are rarely apprehended, and some businesses never recover. Both large and small law firms are at risk. When a security breach occurs, the only thing a company can do is notify their clients and try to determine how much information was compromised. Prevention should be preferred over damage control, though some businesses think otherwise. Don’t become a victim. Take the proper steps to ensure that you know how data loss can occur and what you can do to protect your networks, databases, and staff accounts from being next on the hit list.
  • 6. Ransomware attack shut down this lawfirm and put them on the defensive. Refused to pay $200k ransom 4.8 terabytes of data recovered Decresed I.T. costs by 50% Esbin & Feinmesser, PLLC is a boutique law firm that prides itself on offering legal and advisory services that match those of large corporate firms while crafting a more personal experience for its clients. Being in practice for over 20 years, they have a lot to protect. Partner Scott Esbin explains, “as a law firm, we're just inherently conservative about putting our data and files in somebody else’s hands. There's a whole host of rules that we have to abide by in terms of client confidence and security. Law firms can be brought down ultimately, and lawyers could theoretically be sanctioned if they're not careful about how they treat their data.” With all the news in 2019 of the cyber-attacks on corporate giants like Facebook and Citibank, his firm’s security was weighing heavily on his mind. Esbin knew that in the event of an attack, he would be faced with many tough conversations not only with his employees but with his clients. If he were to lose his clients confidence, it would be likely that he would have to close his business for good. Despite the trend at the time toward cloud-based storage, Esbin wasn’t convinced it was the proper course for his firm. He found an IT provider he thought could help. The vendor seemed like a good fit for Esbin & Feinmesser initially, but things began to shift over time. There was no cohesive, intentionally-developed plan to achieve the organization’s goals and satisfy its security needs. The proposed solutions were often a quick-fix of new software with more equipment. Esbin & Feinmesser housed their data in the office to circumvent Esbin’s fears about cloud technology. They had more machines in the office than employees. There was way too much volume with no design, so it was not enough to keep the business safe—and those choices cost Esbin dearly. “We had to pay for our licenses. We had to pay for people to come in. We had to pay for hardware when a computer would bust. It was expensive. I would have spent $50,000 - $100,000 more on computers and, licensing, other costs.” Esbin recalls. Then in March of 2020, what Esbin had always feared, happened... ThisLawyer'sDataGotHeldRansomfor$200,000. ThenHeCalledProtectedHarbor. CHALLENGES INTRODUCTION ATAGLANCE
  • 7. CHALLENGES (continued) “We got hacked,” Esbin shared. “We couldn't access email. We couldn't access our servers. It was like somebody came in and put a giant padlock on all of our stuff. We still, to this day, don't know exactly how it happened. We think it was a bad attachment somebody opened.” Rather than giving in to the ransom of $200,000.00 USD, Esbin immediately knew he needed a new IT provider that could help him regain access to his business. Still, more than anything, he needed better protection so this could not happen again. Though keeping the servers in his office did not prevent intruders, he still had doubts about cloud-based storage. Protected Harbor sat down with Esbin and listened to his concerns. He worried if his data was safer sitting next to him in the office or the cloud. How could the firm stay safe? How can he make sure this doesn’t happen again? How could he keep an employee from making a mistake that may take down the company? “We've slashed our technology budget by half, sending it back to the employees. We’ve redeployed those funds to things like healthcare, salaries, and bonuses for the staff.” Scott Esbin, Partner Esbin & Feinmesser, PLLC Solutions Protected Harbor calmed these fears quickly by explaining how the process would work, why cloud-based storage was safer, and how they would protect him from future attacks with monitoring and redundancies. Then they collaborated to put the pieces of Esbin & Feinmesser back together. Nick Solimando, Director of Technology at Protected Harbor, said he believes “ransomware hit the servers in our client’s office. It got down to cryptic system files to the point where servers wouldn't even function properly and wouldn't boot up properly. None of their file shares were functional.” Fortunately, none of their data was leaked and some of the data was not infected severely so that Protected Harbor could still look at those files. The equipment, on the other hand was now essentially scrapped metal. Solimando illustrated Esbin & Feinmesser’s new security measures saying, “Our goal is to put clients in a protective bubble. We don't want you to worry about the IT—so you can focus on your business.” Protected Harbor always starts with an audit of the client’s current system and what their needs are. This migration was unique because Esbin came with only pieces of data, and the plans were down. So, Protected Harbor analyzed the entire picture to see what was salvageable and asked Esbin what functions were most important for recovery. “We have a lot of unique programs that we use that are proprietary,” Esbin immediately answered. “They're unique to us; we own them. If I don't have them, I don't operate.” In the end, Protected Harbor worked with Esbin’s programmers to reconnect and successfully integrate the custom application. Protected Harbor was able to recover 4.8 terabytes of data and only 200 gigabytes were ultimately lost. They managed to retrieve a suitable backup file about two months old, but it was valid and able to be restored. Out of roughly ten years’ worth of data, Esbin was only missing a small fraction worth of data. Their system was restored, and they are still operational.
  • 8. Solutions (continued) Protected Harbor even worked with end-users to recreate their environments so that their files and access were back to normal after less than a month. As Esbin & Feinmesser’s systems returned online, they needed to be fully protected. “We put them in a virtual environment in our data center and gave him his dedicated virtual network. So it's just him in there, nothing else. He's segregated and isolated.” Solimando elaborated. Malware scanning and monitoring are a part of Protected Harbor’s default environment. The monitoring services are comprehensive and prevent threats instead of reacting to them. Esbin now benefits from constant monitoring for things like RAM, CPU, and disk space to ensure everything is performing as it should. If it’s lagging, Protected Harbor is already looking into it and resolving the issue before the end-user is impacted. Known malicious IP addresses, attack vectors, and even whole countries are blocked out, not allowing anything to penetrate their network. Redundant internet, firewalls, switches, virtualization nodes, backup architecture, and mechanisms help prevent errors and maximize uptime. If there is an issue, the backup files are completely inaccessible from where the admin users are. “Most likely, the ransomware they got hit with before would never even reach the server today,” Solimando assures. “It would get stopped by one of the protections upstream from them. If it got through all of that, we would be able to recover them inside of a day, probably less than 12 hours.” THERESULT Today Esbin is grateful that the hack happened when and how it did. He quotes, “‘Fear is the mind-killer.’ It’s a line from a movie called Dune, but I think that's probably the biggest lesson I've learned from this. I think that we were lucky that we got hacked. It's true because having what we have now works better than anything we've had in the past.” The lesson cost was high, but Esbin recognizes that the infiltration they experienced could have been much worse. Fortunately, none of his client data was taken or accessed. It was locked away, so hackers could not access it without Protected Harbor’s services. Esbin has a new confidence level as he knows his business is adequately protected. He has the support he needs, and when his company grows or changes, Protected Harbor will design a solution for him based on his individual needs. There’s always someone to answer Esbin’s calls, even for help with the simple things that cause significant problems, like figuring out how to print on both sides of the page. He’s received all the personal service and hands-on assistance he needs. The cost savings with Protected Harbor is also significant. Esbin was pleased that while he’s reduced his IT costs by roughly 50%, he has gained security, expert assistance when needed, and more peace of mind.
  • 9. ABOUT PROTECTED HARBOR Protected Harbor provides customized data center infrastructure management and appli-cation migration support to businesses looking to scale their technology and bottom line. With over 15 years of service and a 99.99% uptime record, our team is fully committed to creating, maintaining, and managing the high-est quality application operations environment experiences. Your uptime is our focus. Our 90+ Net Promoter Score, and 95% client retention rate back up that claim. Our Protected Data Center is an integrated suite of managed services focused on the uptime of your appli-cation at the lowest possi-ble cost, regardless of location, and cloud pro-vider. From infrastructure design to network operations including security, storage, connec-tivity, remediation, monitoring, and more. Protected Data Center provides end-to-end support to secure deployments of complex enterprise applica-tions to protect your tech-nology infrastructure investments. Like everyone else, we o� er Cybersecurity, Enterprise Networking, Infrastructure Design, Network Con� guration, Monitoring, Customized Protected Cloud, Change Management, & Protection & Recovery.Unlike everyone else, we listen, learn, think, and do not blindly deploy. Focusing on durability and uptime, we design a custom architecture solution integrated with a seamless migration process. The entire time we keep your business up and running with our proprietary application outage avoidance methodology (AOA) providing redundancy and high availability.Protected Data Center features a global helpdesk with level 1, 2 & 3 support, 24/7 NOC, a Tier 3 Data Center, best-in-breed CMDB solutions, and years of experience & knowledge from working with leading technology companies. Protected Harbor, Inc., 60 Dutch Hill Road, Suite 16, Orange- burg, NYSuite 16, Orangeburg, NY Email: sales@protectedharbor.com Phone: +1 201-957-1616