Home » Uncategorized » Cyber-hacking in the Legal World

Cyber-hacking in the Legal World

Recently, big law firms have become one of the many victims of database and information hacking.  Particularly, since 48 big firms were hacked by the Russian hacking group, which goes by the alias “Oleras,” the security of information held and protected by big law firms has come into question.  This requires firms across the country to seriously take their methods of information protection, if they have them, into consideration, and firms who do not have measures in place to protect against the hacking of confidential information to develop such measures before they fall prey to the hacking epidemic.

There are several reasons why hackers may target law firms to obtain valuable information, the most prominent of which is simply the susceptibility of legal organizations in comparison to big banks and Wall Street.  Most law firms do not have strong cyber-defense measures in place to protect classified information because, until recently, these protections have not been necessary.  Since hacking is still relatively new to the legal world, hackers may be taking advantage of the minimal security measures that currently exist in most firms.  For example, most big law firms are only recently beginning to implement the practice of prohibiting personal email access at work, while big banks and Wall Street employers, such as Goldman Sachs, have had this rule in place for some time, to avoid security breaches.  Secondly, hackers may be able to access confidential and valuable information about big corporate clients through their law firms.  Since many lawyers are not particularly “tech savvy” or knowledgeable about modern day hacking practices, it is likely that they may not immediately notice a phishing scheme or security breach.  Conversely, hackers are likely skilled in the latest technology practices and protections, and may have extensive knowledge on how to make security breaches as seamless as possible, masking the hacking until it is too late for susceptible firms to protect their information.

So, a critical question for most firms is how to protect against hacking?  Law firm data security can be maximized through a number of measures.  A primary, and perhaps the most all-encompassing measure of protection, would be to employ off-site servers to keep client data protected.  According to Jared Staver, of the Chicago-based Staver law group, selecting a service and working with that service to move protected data to a separate server ensures that the information cannot be accessed through the firm’s database.  Another preventative practice is to consistently monitor all traffic on law firm servers, so that security breaches, or hacking attempts can be detected before valuable information is accessed.  Lastly, an important measure to take to prevent informational hacking is to train employees to spot irregularities in server activity, and report such activity immediately.

It’s not secret that lawyers are not notorious for their technical prowess or expertise, however in the modern day landscape of internet and database security breaches, lawyers and big firms need to up the ante when it comes to information protection.  Educating firms and their attorneys on the real risks of hacking and the best ways to minimize these risks is the first step to securing classified information.

Marisah Ali