What We Do
How We Do
Get Started

2019 eSentire Threat Intelligence Spotlight: Legal Industry

BY eSentire

August 14, 2019 | 3 MINS READ

Threat Intelligence

Want to learn more on how to achieve Cyber Resilience?


Five years ago, at a major legal technology conference in New York City, the topic of cybersecurity was overshadowed by a sea of document management and billing system vendors. eDiscovery captured the lion’s share of attention. Arguing that law firms must address cyberthreats was like telling attendees that the world was about to be invaded by marauding aliens from another galaxy. Then, like the movie “Independence Day,” cyberthreats arrived and hovered over law firms, preparing for a global assault.

The attack on Wall Street law firms Cravath, Swaine & Moore LLP and Weil, Gotshal & Manges LLP demonstrated how stolen FDA fillings and press releases could be used to make millions of dollars in illegal stock trades. The Paradise Papers and Panama Papers demonstrated that hackers could monetize or weaponize even innocuous tax law files. Ransomware attacks collected a pirate’s bounty in payments, cost a small fortune in lost billable hours and did untold damage to many firms’ reputations. Today, ransoms are morphing into extortion as hackers demand payment to avoid exposure of damaging information. Even nation state actors target law firms, finding it easy to access their lucrative clients or working in retaliation for political actions, as demonstrated in the case studies below.

The risk to law firms is apparent. In October 2018, the American Bar Association (ABA) issued a Formal Opinion, expanding on Rule 1.4. Formal Opinion 483 references a “duty of competence,” an “obligation to monitor for a data breach” and the necessity to “stop the breach” and “determine what occurred.” The duty to competence explicitly references a 2012 modification to Rule 1.1 that obligates law practitioners to understand the risks of the technology they use.

As the nexus of the global economy, the legal community establishes and interprets legislation, shepherds’ mergers and acquisitions, drives patent and files intellectual property claims. This myriad of highly profitable, confidential information ensures law firms will remain a preferred cybercriminal target. In fact, eSentire data shows law firms are one of the top five industries targeted by cybercriminals. Various reporting agencies find similar results with law firms accounting for almost 10 percent of breaches.

As an industry, law firms have improved their overall cybersecurity practices, which has resulted in a lower than average amount of nuisance cyberattacks as compared to other industries such as healthcare, manufacturing and energy. Legal and IT practitioners no longer smirk with disbelief when they hear about elaborate cyberattacks on their counterparts. Now discussions center on ways to reduce risk, advanced measures of performance and bringing all levels of a firm into training, incident simulations and board-level planning.

eSentire’s security analysts are pitted against smash-and-grab thugs, criminal cartels and nation state actors. Every year, eSentire Security Operations Center (SOC) teams analyze billions of indicators of compromise to identify real threats and contain attacks before they disrupt our clients’ businesses. This mission critical data contains a trove of enlightening trends and patterns that can be used to identify top vulnerabilities, popular attack vectors and tradecraft used by cybercriminals.

In law enforcement parlance, “means, motives and opportunities” should frame the tenants of your cybersecurity program. Knowing your adversaries’ capabilities helps focus priorities. Identifying their opportunities flags your security gaps or vulnerabilities. And, of course, knowing their motives highlights what assets they seek and which ones you must protect.

Today we are releasing our inaugural Threat Intelligence Spotlight on the Legal Industry, a report that provides a wealth of information that law firms can leverage to reduce their cyber risk profile. The report explores the most common malware, top vulnerabilities and phishing lures used to infiltrate law firms. As the expression goes: “A wise person gets more use from his enemies than a fool from his friends.” This report provides a focused exploration of the actions of your adversaries, along with actionable recommendations to improve your ability to protect your clients and reputation.

The full report can be downloaded here: https://www.esentire.com/resource-library/2019-legal-threat-report/


eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization’s cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world’s most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit: www.esentire.com and follow @eSentire.

Read the Latest from eSentire