Why Computer Security Is Critical for Lawyers It is crucial for the legal professionals to recognize cyber threats and take immediate action to defend against cyber intrusions of client data and other confidential information. Law firms are a prime target for cyber criminals as they store a large amount of valuable and sensitive confidential client information on their computer networks. The cyber risks for law firms are diverse and changing day by day with increased hacking and data interception threats and greater use of mobile devices and cloud computing. The New York Times in a recent article drew attention to the fact that a growing number of big corporate clients are asking their law firms to take more steps to guard against online intrusions that could compromise sensitive information. Cyber Risks â€“ What Is Involved Cyber criminals may steal personal and confidential data. The theft and subsequent publication of confidential information held on a law firm's computer could be very damaging for both the law firm and its clients. Further risks may involve: o Cyber extortion: Cyber extortion is a crime that involves a cyber
attack, or threat of it, against an organization coupled with a demand for money to stop the attack. The majority of cyber extortion episodes go unreported because victims mostly shun publicity. o Phishing and spear phishing: Phishing is the process by which cyber
thieves are able to lure unsuspecting victims to a malicious link that executes malware. These malicious links are usually presented to a user through an e-mail message. Spear-phishing is particularly focused on a single user or department within an organization. Cyber criminals gather information about a victim, which is then used to construct a fraudulent email, intended to trick the victim. Rather than being obviously nefarious, these emails are very realistic.
o Free downloads: Be careful of sites that offer free viewing or
downloading of copyrighted material. Such sites can deliver malware by exploiting a web browser. Once the web browser is compromised, additional malware can be queued to download. o Outdated software: Outdated software is often an easy target for
cyber criminals wanting to gain unauthorized access to a computer. Therefore, updating all software regularly lowers the chance of a malware breakout. o Wi-Fi risks: Though legal professionals appreciate the convenience
of mobile computing, mobile devices such as laptops, smartphones, and portable electronic storage devices pose distinct threats to data security. Wireless connections are vulnerable and may allow the interception of your confidential communications. Wi-Fi method is more commonly used than device-specific malware for stealing data from laptops and mobile devices. Remedies for Data Loss and Corruption Law firms are already bound by a number of different laws and regulations to address cyber security issues, including the SRA Code of Conduct, the Legal Services Act, the Data Protection Act, contract, tort law and the law of confidence. o Identify the true URL before clicking: Phishing attacks are not
problematic unless the user clicks on the link to the malicious web server within the message. Before you click, â€œhoverâ€? your cursor over the link to see the true URL o Anti-virus software: An intrusion prevention system such as firewall
or anti-virus software can be used to keep away attackers from gaining access to your network. o Encryption: Encryption safeguards data by scrambling it, making it
useless without a password or security token. It is crucial to encrypt all protected information sent from or stored on any electronic device. Automated applications such as BoxCryptor, Cloudfogger, SecretSync or SugarSync can encrypt files at your desktop before they are transmitted to Cloud storage. The local software encrypts the files
using your encryption key and then sends the documents to your Cloud storage folder, such as Dropbox. Automated email encryption provided by ZixCorp can simply attach a file to an email and select “send encrypted.” Inbound messages from ZixCorp customers are automatically decrypted and delivered to the lawyer’s normal email inbox. Data Security and Legal Transcription Lawyers relying on professional legal transcription service providers for transcribing their legal reports, legal notes and dictation summaries and court transcripts should also ensure that the provider follows standard security measures to protect your client data. Before signing up for the project, ensure that the company uses advanced transcription software and provides safe file transfer options. Also make sure that the transcriptionists ensure confidentiality when handling sensitive legal information.
Published on May 26, 2014
It is crucial for the legal professionals to recognize cyber threats and take immediate action to defend against cyber intrusions of client...