Selling cyber security solutions requires that clients fully understand the risks associated with poor security. Much like a seatbelt or a guard dog, you really only need it in a handful of situations, but those are critical situations and that is what cyber security companies work to impress on their clients.

This year that work was done for them and it was done in a big way. In April, internationally renowned law firm Mossack Fonseca had millions of highly confidential client documents leaked to the public. Banking information for thousands of offshore accounts used by the rich and powerful were disclosed, resulting in high level investigations, political mayhem, and public outrage. It also put law firms on notice: this is what cyber security failure looks like.

Law firms are increasingly the targets of state-sponsored foreign hacker groups. That trend is on the rise in places like China and Russia where hackers steal information for insider trading purposes and to sell on the black market. Law firms have volumes of highly sensitive information on their servers and as a result attract unwanted attention.

Today's cyber security landscape is not the same that it was five years ago, or even one year ago. It is rapidly changing as hackers adjust to security measures and the security industry counters again. This is a snapshot of some of the most worrisome hacker methods used today and what the industry is doing to respond:

Spear Phishing

A hacker does not have to be a tech genius who is manipulating complex lines of code to circumvent a firewall. In fact, many methods for inflicting damage on a law firm are done through social manipulation. Spear phishing is the practice of mimicking an important individual's email address and instructing company employees to perform any number of damaging actions, from wiring large sums of money, to sending confidential files, and sharing privileged information.

"Companies in all industries are vulnerable to tactics like this," shares John Sweeney, President and COO of LogicForce, a company that provides cyber security and IT services to law firms. "But law firms are especially lucrative targets because of the trade secrets, Intellectual Property and Insider Information that resides on their servers. Every law firm today is under bombardment from hacking methods like spear phishing."


Imagine turning on your computer to find that all of your sensitive files have been encrypted by foreign hackers and they are demanding thousands of dollars to unlock it. Believe it or not, the cheapest, lowest maintenance option is usually to pay the ransom. Many businesses that lack the financial resources to pursue the hackers and that cannot afford to have their doors closed for weeks on end opt to pay the ransom and get back to work.

This is especially true of law firms that have strict deadlines to meet on their clients' behalf. Additionally, pursuing a hacker group would involve publicly admitting to a hack, which damages consumer confidence and hurts the reputation of the firm. Ransomware attacks on law firms have been on the rise and are made worse by having poor security measures and support in place.

Insider Attacks

Insider attacks remain one of the biggest threats to companies in all industries, but again, particularly law firms. The sheer volume of sensitive information in a law firm means that employees of all levels will have access to information that could be damaging if it were leaked.

Preventing insider attacks requires procedures that stymie the usual routes for stealing information.

"Without applying a document monitoring system that provides early insight into the behaviors of personnel and the documents that are accessed, law firms will never be able to limit the damage done by the malicious actions of a rogue employee looking for financial gain or to do harm to the firm," says Sweeney.

Such procedures are absolutely essential given how much damage a leak can cause. Treating information with sensitivity requires that the individuals who have access to it follow reasonable guidelines.

The Internet of Things

Companies have more devices than ever before. Commonly referred to as the Internet of Things (IoT), they are both an operational asset and a security weakness. Every one of those devices that connects back to the company network or that is used to access email or shared folders is a potential opening for hackers.

As a result, good cyber security solutions include endpoint security, meaning that it monitors and protects all of the access points to a company's vital information. RSA President Amit Yoran has publicly called for greater attention to be paid to endpoint security, noting that only 10% of budgets are being spent on detection and response.

This is a problem that is growing in size as the IoT continues to expand and become more integrated into the workplace. Law firms that are not encrypting their emails, servers, and using dual factor login credentials on mobile devices are more vulnerable than they need to be. Many security measures are simple and inexpensive, they just require that users follow the rules and respect the process.