The cyber threat landscape has rapidly changed over the last few years for the legal sector, with law firms around the world affected by Maze ransomware and nation-state attacks as threat actors increase their cyber operations. Organizations have been forced to rethink their cyber security strategies and deploy more adaptive defenses that can autonomous respond to emerging attacks.
Handling large volumes of sensitive data, the legal sector is a perfect target for cyber-criminals. In today’s digital world, even the most private legal documents are regularly revised online. From confidential information about M&As to disclosures made under attorney-client privilege, law firms handle data on a daily basis that would be disastrous if leaked, both for the results of individual cases and for these firms’ long-term reputations.
Law firms lose on average 5% of their clients following a data breach, while a significant breach can be fatal for a company, as was the case for Mossack Fonseca in 2018 after the leaked Panama Papers. Three years on, ransomware variants like WastedLocker, Maze, and Egregor have raised the stakes higher than ever before.
Double extortion ransomware, where threat actors not only encrypt but also exfiltrate data, adds a further layer of risk to the legal sector, with the possibility that data could be made public on auction sites or online forums on the Dark Web. GDPR fines can cost firms up to 4% of their annual turnover if classified information becomes public knowledge.
To read full download the whitepaper:
Industry Spotlight: Legal