Why Would Anyone Hack a Law Firm?

Many in the legal profession think they are immune from targeted cyber-attacks like those experienced by Sony, Home Depot and Target last year. After all, what does a law firm store on its servers that anyone would be interested in?

Sure, there have been a few reports of digital snooping of law firms over the years. A small firm was hacked two years ago, resulting in millions of trust fund dollars going missing. Just this past December 31st, a BC law firm’s data was held for ransom unless they paid the hackers. According to a Law Society of BC notice, some of the workstations at the law firm had notices pop up saying “Your files were encrypted and locked with a RSA2048 key” and demanding that payment be made within 12 hours, after which, the ransom amount would increase. The message also threatened to destroy all data if payment wasn’t received within 30 days. The firm managed to remove the hack and recover their data from backups, but the interruption in accessing their data was not appreciated.

​Despite occurrences like these, for most firms, cyber security just isn’t high on the partner’s radar. As reported byComputerWeekly.com in December, the number of cyber-attacks in 2015 is expected to exceed any previous year. Now is the time to address this issue and make sure your law firm is not the next one in a Law Society bulletin or on the front page of the Law Times.