As with every other industry, the legal industry experienced seismic change in 2020 as it shifted to a remote work model that meant critical document systems must be securely accessed from home offices through consumer-grade internet routers. Stretched cybersecurity teams now are faced with protecting a broader attack surface as commodity malware and drive-by cyberattackers seek to take advantage of the widespread use of more VPNs, remote desktops and collaboration software.
Key findings in this threat intelligence report from eSentire and the International Legal Technology Association include:
- Distributed workforces drove faster digital migration and cloud services adoption, creating new gaps for sophisticated adversaries
- Raw alert data from eSentire’s customer base places legal services near the top of most-targeted industry list
- The legal industry has the fifth-highest degree of vulnerability to known malware exploits
- Observations suggest that Zloader, Emotet, Qakbot, Shathak, Ursnif, Valak and IcedID are prominent threats for legal organizations
- Attackers are exploiting user behavior and leveraging trusted operating system tools, such as living-off-the-land binaries, aka LOLBins, to achieve malicious goals