
The Growing Cybersecurity Threats to Law Firms
Kelly Jackson Higgins, Executive Editor, Dark Reading


Presentation Transcript


  1. The Growing Cybersecurity Threats to Law Firms
  Kelly Jackson Higgins, Executive Editor, Dark Reading

  2. About Dark Reading
  • Cybersecurity’s Most Widely Read News Site
  • ~1M page views/month
  • Ranked #1 among CISOs (Apollo Research, 2016)
  • Six full-time editors, plus several contributing editors
  • www.darkreading.com
  • An Informa (formerly UBM) Brand
  • Content also appears on InformationWeek, Network Computing
  • Sister brand of Black Hat and Interop conferences

  3. Dark Reading 2018 Strategic Security Survey Overview
  • Methodology: Online survey of 300 IT and cybersecurity professionals at North American companies with 100 or more employees.
  • Focus: Cybersecurity challenges, plans, and directions, as well as respondents’ experiences and concerns about data breaches
  • Notable findings: 48% consider end user awareness training the most valuable security practice
  • 69% have password policies, and 67% have invested in end user awareness training

  4. 2018 Dark Reading Strategic Security Survey
  More than half of all organizations suffered breaches via malware.
  Phishing attacks leading to security breaches hit just under half of organizations.

  5. 2018 Dark Reading Strategic Security Survey
  More than 60% say end user mistakes or threats will cause a major breach.
  Only approximately one-quarter believe their organization will suffer a targeted attack.

  6. Most Common Cyber Threats Facing the Legal Sector
  • Cybercrime: Ransomware, Phishing, BEC scams
  • Cyber Espionage: Pure spying attacks by nation-state hacking groups
  • Strategic Attacks: Hacking law firms to reach their clients, other business relationships – stepping-stone type attacks to reach the ultimate target

  7. Cybercrime
  • Ransomware (Ryuk or “Death Note”)
  • Phishing
  • Business Email Compromise (BEC) scams

  8. Ransomware
  • Malware encrypts, locks out users from files, data
  • Ransom note/message demands payment for releasing files, data
  • Entry points: phishing email, stolen credentials, RDP, VPN
  • Ransomware kits – easy & inexpensive (free to $250)
  • Payment in Bitcoin, other cryptocurrencies
  • Average ransom demand in 2017 was $522 – less than half of what it was in 2016, $1,070, according to Symantec
  • Nearly 75% of organizations stockpiled cryptocurrency in the past year (Code42)
  • 8 in 10 of them paid ransomware in the past year (Code42)

  9. Ransomware (cont’d)
  • Overall, ransomware attacks have declined 91% in the past year (Trend Micro)
  • Cryptomining/cryptojacking up 237%
  • Uses the victim machine’s processor power to mine cryptocurrency
  • Ransomware targets: consumers, hospitals (2017) and now enterprises (2018)
  • 81% of infections in businesses/enterprises
  • Shift to email-based attack vector (phishing)
  • More law firms getting hit
  • Real-world example: 2017 NotPetya data-destruction attack on DLA Piper

  10. 2018 Dark Reading Strategic Security Survey

  11. 2018 Dark Reading Strategic Security Survey

  12. Phishing and BEC Scams
  • Phishing: malicious email (infected URL, attachment)
  • Clicking = Infection
  • Social engineering
  • Typical Step 1 of a cyberattack
  • BEC: posing as a law partner, colleague
  • Phony invoices, payment requests
  • FBI: BEC & email account compromises up 136% (12/16–5/18)
  • 41K US incidents, $2.9B losses
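The BEC pattern the slide describes (someone posing as a partner or colleague and sending phony payment requests) shows up in a few header-level signals that a mail gateway or a triage script can check before a human ever sees the message. The script below is an added example, not code from the presentation or from Dark Reading; the firm domain, partner roster and the three sample messages are all constructed for illustration. It flags a partner display name arriving from an external address, a lookalike sender domain, and a Reply-To that does not match the sending domain.

```python
import email
from email.utils import parseaddr

# Constructed for this example: the firm's own mail domain and the display
# names of partners an impersonator would most likely borrow.
FIRM_DOMAIN = "example-law.test"
PARTNER_NAMES = {"jane doe", "john smith"}

# Constructed sample messages (not real mail). Message 1 borrows a partner's
# name from a webmail domain; message 2 uses a lookalike domain ("rn" for "m")
# and redirects replies elsewhere; message 3 is ordinary internal mail.
SAMPLE_MESSAGES = [
    "From: Jane Doe <jane.doe.partner@webmail.test>\n"
    "To: accounts@example-law.test\n"
    "Subject: Urgent wire transfer\n\nPlease pay the attached invoice today.\n",
    "From: John Smith <john.smith@exarnple-law.test>\n"
    "Reply-To: billing@other-domain.test\n"
    "To: accounts@example-law.test\n"
    "Subject: Invoice\n\nSee attached.\n",
    "From: Jane Doe <jane.doe@example-law.test>\n"
    "To: accounts@example-law.test\n"
    "Subject: Lunch\n\nNoon?\n",
]


def normalise_domain(domain):
    """Fold common visual confusables so lookalike domains compare equal."""
    return domain.lower().replace("rn", "m").replace("1", "l").replace("0", "o")


def bec_indicators(raw):
    """Return the list of BEC indicators found in one raw RFC 822 message."""
    msg = email.message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rpartition("@")[2].lower()
    findings = []

    # A known partner's display name on a non-firm sender address.
    if name.lower() in PARTNER_NAMES and from_domain != FIRM_DOMAIN:
        findings.append("partner-name-external-sender")

    # Sender domain that is not ours but collapses to ours after folding.
    if from_domain != FIRM_DOMAIN and normalise_domain(from_domain) == normalise_domain(FIRM_DOMAIN):
        findings.append("lookalike-domain")

    # Replies silently routed to a different domain than the visible sender.
    reply_to = msg.get("Reply-To")
    if reply_to:
        _, rt_addr = parseaddr(reply_to)
        if rt_addr.rpartition("@")[2].lower() != from_domain:
            findings.append("reply-to-mismatch")
    return findings


def triage(messages):
    """Run the indicator check over a batch of raw messages."""
    return [bec_indicators(m) for m in messages]


if __name__ == "__main__":
    for raw, hits in zip(SAMPLE_MESSAGES, triage(SAMPLE_MESSAGES)):
        print(raw.splitlines()[0], "->", hits or "clean")
```

None of these checks is proof of fraud on its own; the point is that a payment request carrying any of them should be confirmed out of band (a phone call to the partner) rather than by replying to the mail, which is exactly the step BEC relies on victims skipping.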

  13. Real-World Cybercrime Risks for Law Firms
  • Jan 2018: More than 1 million user credentials from top UK law firms found on the Dark Web
  • 2,000 emails/firm on average
  • Largest firm: 30K exposed emails
  • Cybersecurity firm RepKnight research
  • Most from other breaches: LinkedIn, Dropbox, third-party accounts that used corporate email addresses
  • Credential-stuffing attacks
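Credential stuffing, the attack the slide ends on, has a recognisable shape in authentication logs: one source address tries many different usernames in a short time, most attempts fail, and the occasional success marks an account whose password was reused from another breach. The following is an added example, not code from the presentation; the log format and the sample lines are constructed here, so the regular expression would need adjusting for a real firm's VPN, webmail or document-management logs.

```python
import re
from collections import defaultdict

# Constructed sample authentication log (not real data). The first source
# sprays six different usernames and lands one success; the second is a
# single user retrying their own password and should not alert.
SAMPLE_LOG = """\
2018-06-01T10:00:01Z auth src=198.51.100.7 user=alice result=fail
2018-06-01T10:00:02Z auth src=198.51.100.7 user=bob result=fail
2018-06-01T10:00:03Z auth src=198.51.100.7 user=carol result=fail
2018-06-01T10:00:04Z auth src=198.51.100.7 user=dave result=success
2018-06-01T10:00:05Z auth src=198.51.100.7 user=erin result=fail
2018-06-01T10:00:06Z auth src=198.51.100.7 user=frank result=fail
2018-06-01T10:01:00Z auth src=203.0.113.9 user=alice result=fail
2018-06-01T10:01:05Z auth src=203.0.113.9 user=alice result=fail
2018-06-01T10:01:09Z auth src=203.0.113.9 user=alice result=success
"""

# Assumed log line layout for this example.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth src=(?P<src>\S+) user=(?P<user>\S+) result=(?P<result>\S+)$"
)


def parse_log(text):
    """Turn raw log text into a list of event dicts, skipping unparseable lines."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append(m.groupdict())
    return events


def find_credential_stuffing(events, min_users=5, min_fail_ratio=0.7):
    """Alert on sources that touch many distinct accounts with mostly failures.

    Each alert also lists the accounts that succeeded from that source, which
    are the ones to reset and to check for reused passwords.
    """
    by_src = defaultdict(lambda: {"users": set(), "attempts": 0, "fails": 0, "hits": set()})
    for e in events:
        s = by_src[e["src"]]
        s["users"].add(e["user"])
        s["attempts"] += 1
        if e["result"] == "fail":
            s["fails"] += 1
        else:
            s["hits"].add(e["user"])

    alerts = []
    for src, s in by_src.items():
        ratio = s["fails"] / s["attempts"]
        if len(s["users"]) >= min_users and ratio >= min_fail_ratio:
            alerts.append({
                "src": src,
                "distinct_users": len(s["users"]),
                "fail_ratio": round(ratio, 2),
                "compromised": sorted(s["hits"]),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_credential_stuffing(parse_log(SAMPLE_LOG)):
        print(alert)
```

The thresholds are deliberately parameters: a firm's own baseline (how many accounts a single address legitimately touches, for instance a shared office egress IP) decides where `min_users` should sit. The same logic applies to a time window rather than a whole file once it runs against a live feed.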

  14. Cyber Espionage
  • Nation-state hacking groups conducting spying
  • China (most active), Russia, North Korea, Iran are the most prolific
  • China known for intellectual property theft via cyber espionage
  • Similar types of attack methods as cybercriminals
  • Phishing, stolen user credentials, sometimes watering-hole attacks
  • Target: Law firm email systems, document management systems
  • Valuable information, intel on clients, mergers & acquisitions

  15. Example of a Cyber Espionage Attack
  • Chinese government-sponsored hacking team Stone Panda, APT10
  • Intel agency: Ministry of State Security (non-military)
  • Attacks on US and European companies last year included a US law firm specializing in intellectual property law
  • Law firm clients: pharmaceutical, technology, electronics, biomedical, automotive, others

  16. Strategic Attacks
  • “It's about how well-known your clients are – not how well-known your firm is.” – Tom Cross, security expert and CTO, OPAQ Networks
  • Strategic attack: law firm targeted as a stepping-stone to the ultimate target, its client/s or business partner/s
  • Nation-states, or even nefarious competitors of the client or business partner

  17. Panama Papers: A Wake-Up Call Data Breach
  • 2016: 11.5 million sensitive data records, 2.6 terabytes of data, hacked & leaked by an alleged whistleblower
  • Mossack Fonseca in Panama
  • Exposed illicit financial dealings of high-profile politicians – Vladimir Putin, former British PM David Cameron, soccer star Lionel Messi
  • Demonstrated how vulnerable the legal sector is, lacking security resources
  • BitSight’s credit-score-style rating for the legal sector’s cybersecurity effectiveness: 690 out of 900

  18. Internet of Things (IoT) and Mobile
  • Networked printers a possible attack vector
  • Other Internet of Things (IoT) devices in the office: videoconferencing systems, etc.
  • IoT devices: default passwords, ports open to the public Internet
  • Change the passwords, close unnecessary ports, apply firmware updates
  • Mobile lawyers: smartphones, laptops, public Wi-Fi exposure

  19. How to Protect Your Firm: Some Best Practices
  • Assume you are being or already have been attacked
  • Even small firms have information and/or clients valuable to attackers
  • Do the basics: keep software updated, run anti-malware scans, create strong passwords & don’t reuse them
  • Don’t click on unexpected attachments or links in email
  • Regular, offline data backups (best remedy for ransomware attacks)
  • VPN software for the office, mobile working
  • Hard drive encryption
  • Multi-Factor Authentication
  • Least privilege

  20. Final Thoughts
  • Make cybersecurity a culture as well as a practice
  • Ongoing training for users
  • Security policy
  • Security services: vendors, managed security service providers
  • Have an incident response plan in place: who to contact, what to do

  21. Q&A
  @kjhiggins
  kelly.jackson.higgins@ubm.com
