Law firms often pay ransoms for cyber attacks

Imagine you are a criminal hacker group looking for companies to extort ransom from after a hacker attack. 

The text of an advertisement would read something like this: "We are looking for companies that have a lot of sensitive data on their servers, for whom the loss or publication of data on the darknet is particularly bad and who have not really dealt with IT systems in the past."

Who do you think would come forward? Most likely medium-sized law firms or commercial law firms. 

Doubling of claims

Cyberattacks on law firms have indeed increased significantly in recent years. Unfortunately, all too often with success. To quote figures: Cases of damage have doubled annually over the last decade, but have recently leveled off at a high level. 

Adventurous handling

But why are law firms in particular such popular targets for hacker attacks? While other companies can consider sitting out the attack and accepting the fact that client data appears on the darknet (unfortunately this is the case 🔥), this is not an option for many lawyers. That's why they usually have no option but to pay. Because if the client's data spreads on the darknet, their reputation is destroyed. And if the law firm doesn't pay, the clients are probably blackmailed, too.

An interesting aspect is that the negotiations are usually conducted by specialized law firms, which often negotiate the ransom down significantly. They have to be careful that making the payment does not violate any laws, for example if the cybercriminal gang is on a sanctions list.

Attack, link and more

It happens just like in any other business: it is often an email with a link that is carelessly clicked on, or an infected USB stick that a client provides. Every law firm must therefore develop an understanding that security limits convenience, and it has to be prepared to accept that.

Conclusion: Law firms would be spared a lot if they regularly scanned their IT infrastructure for exploitable security vulnerabilities and carried out appropriate cyber security awareness training for employees. The costs for this are probably peanuts compared to a ransom payment 🤷🏻‍♂️.

Be prepared - stay one step ahead of cyber threats with the DEFENDERBOX: strengthen your law firm's resilience against hacker attacks.

Would you like to know how secure your company is? Find out with a test installation!
