Lawyers in the Crosshairs

Last year an article on Law firms getting targeted caught my eye. I have a few friends who are attorneys and upon sharing this article with them, one responded that he felt that cybersecurity was unnecessarily complicated and made work more difficult than it needed to be. I think what he meant was that good security slowed down his workflow. I nodded my head and avoided the cybersecurity lecture. Instead, I went home and did a little more research on the rise of cyber attacks against law firms. Below is a quick summary of the following articles found on Artic Wolf, DarkReading, Manson&McBride, American Bar, and Cyforsecurity.

In 2021:

• There were 68 reported breaches of law firms with under 50 lawyers, up from 33 in 2020 (over 100% increase).

• 106 out of 116 total breaches were due to hacking, phishing, or malware.

In 2022:

• 27% of law firms reported experiencing a security breach, up from 25% in 2021.

• One in four lawyers (25%) reported their firm had suffered a computer security breach.

For 2023 and 2024:

• Cyber attacks against law firms have grown by more than 60% in the last 2 years.

• 73% of the UK's top 100 law firms were targeted by cyber attacks in the most recent financial year, up from 45% in 2018/19.

• 90% of the top 25 law firms experienced a cyber threat.

Regarding specific attack types:

• 55% of targeted firms experienced attacks with viruses or malware.

• 16% faced significant attempts to break into their network.

  It's important to note that many cyber attacks may go unreported or undetected, so these figures likely underestimate the true scale of the problem. The trend indicates a significant and growing cyber threat to law firms of all sizes.

If you need help figuring out how to protect your business from being an easy target, I’m here to provide cyber strategies for securing sensitive data.