Cision reported on May 27 that BlueVoyant, a global cybersecurity services company, launched its "Sector 17 - The State of Cybersecurity in the Legal Sector" report. The report states that in spite of excellent cybersecurity standards, 15% of a global sample of law firms showed signs of compromised networks. Not surprising given how law firms are targeted.
BlueVoyant analyzed thousands of law firms worldwide between January and March 2020. The study found that 100% of law firms have been targeted – no surprise given the sector's estimated worth of nearly $1 trillion, making it a target for financially-motivated attacks and of course they are also targeted for the amount of sensitive data they have in their possession.
The attacks included pursuit of sensitive financial information and PII, extortion (non-ransomware), ransomware, third-party risks, password breaches and insider leaks and hacktivism. It also analyzed how cybercriminals' use of the Dark Web has expanded to share and sell compromised data, providing examples of how this information can be used to conduct ransomware attacks and subsequent breaches.
Detailed analysis of 20 law firms, including an examination of defense metrics, inbound threat targeting and evidence of compromise, revealed that 15% of these firms were likely to have been compromised based upon strong evidence of suspicious traffic – and many more (almost half) showed signs of suspicious activity, including malicious proxy use.
To download BlueVoyant's "Sector 17 – The State of Cybersecurity in the Legal Sector" report, visit https://www.bluevoyant.com/sector-17-bluevoyant-legal-sector-report.
Hat tip to Dave Ries.
Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: firstname.lastname@example.org Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology