[BreachExchange] 5 Types of Law Firm Data Breaches, From Human Error to Hacktivism

[Audrey McNeil]

http://blogs.findlaw.com/technologist/2016/04/5-types-of-law-firm-data-breaches-from-human-error-to-hacktivism.html

The recent Panama Papers leak, caused by a data breach in the Panamanian
law firm Mossack Fonseca, underscores what we've long known: the legal
industry needs to make cybersecurity a priority. (There are some lessons
about abetting corruption to be learned from the Panama Papers as well, but
that's for another blog.) And it's not just Mossack Fonseca that's
struggled with cybersecurity; just recently, Cravath confirmed it had been
hacked, while the FBI warned firms in Chicago that they were being targeted.

But not all data breaches are made the same. Here are the five most common
types of law firm data breaches, and their causes.

1. Human Error

Let's start with the least sexy but most important cause of data breaches:
human error. Human error and negligence are the most common cause of data
loss. A 2015 survey from Baker Hostetler, one of the nation's largest
intellectual property focused law firms, found that more than a third of
all data breaches were caused by employee negligence.

In law firms, this kind of data loss can include everything from
accidentally emailing confidential work product to the wrong person, to
failing to properly encrypt documents, to losing a laptop full of
confidential information. Such errors can be potentially devastating,
destroying privilege in some cases, and putting clients at risk in others.

2. Hackers After Insider Information

Law firms hold onto a wealth of valuable, confidential information, making
them a prime target for hackers looking for some insider info. And that
desire to gain confidential knowledge, then game the market, seems to have
been behind several recent hacking attempts against large firms.

The Russian hacker Oleras is currently targeting firms for insider mergers
and acquisition information, the FBI warned early last month. And just last
week, news broke that major M&A firms, including Cravath, Swaine & Moore
and Weil, Gotshal & Manges, may have had their computer networks
compromised.

3. International Cyber Espionage

When it comes to international espionage, law firms aren't immune to some
cloak and dagger cyberattacks. In 2010, the California firm Gipson, Hoffman
& Pancione, faced phishing attacks from Chinese hackers after it filed a
piracy lawsuit against the Chinese government, according to Legaltech News.
Just two years later, more Chinese were behind a data breach at Wiley Rein,
during the firm's anti-dumping suit against the country.

4. Information Ransom

Some hackers steal your information to play the market, some use it to
undermine your international litigation, and others just hold it hostage.
"Ransomware" is a growing form of malware that infects your computers and
encrypts important files -- all Office files, for example, or all .pdfs.
The program then demands online payment, from a few hundred to a few
thousand dollars, in order to return access to your information. Consider
it low-level hostage taking -- a type that's becoming increasingly common.

5. Hacktivism

It's an uncommon form of law firm hacking, but it's one that has repeatedly
made the headlines: "hacktivism," or politically-motivated, activist-minded
hacking. The classic example is Puckette Faraj, the former firm which, in
2012, was hacked while defending Sergeant Frank Wuterich against charges
that he'd killed 24 unarmed civilians in Iraq's Haditha Massacre. The
hacktivist group Anonymous broke into the firm's computers, dismantled its
website, and leaked hundreds of emails about the case.

And then, of course, there's Mossack Fonseca. While the details of the
firm's data breach are still emerging, the firm claims that the Panama
Papers were taken by an external hacker, not a whistleblowing insider.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160408/e714b3b0/attachment.html>