publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/1031816
47 WWW.ILTANET.ORG | ILTA WHITE PAPER MARKETING TECHNOLOGY Security: A Shared Responsibility between Marketing, IT and Aorneys Although cyber-attacks continue to evolve every day, some of the most common attacks take one (or more) of the following forms: Malware/Ransomware: Malware – or malicious software – infects a device, server, or network in attempt to inject a virus, block a user's access, record keystrokes, or steal credentials and other sensitive information. Phishing: Phishing is the act of stealing sensitive information (credit card info, passwords, etc.) by disguising as a legitimate entity. Most often carried out through email, phishing is also carried out through phone calls and has recently spread to text messages through SMS. Cloning/Scraping: This technique is often paired with one of the methods above and is the practice of creating a malicious site that looks, feels, and acts exactly like a trusted site in order to trick users into clicking bad links, downloading malware, or submitting sensitive information. If your site receives a high volume of traffic, it could be an enticing option to clone or scrape, and hackers could use your likeness for their own financial gain. Recycling Credentials: Hackers know that people often use the same password amongst many sites. If they're able to gain access to credentials through one of the above methods on one site, they will likely try those same login combinations on other sites in hopes they'll be able to hack into it and do further damage. SQL Injection: Structured Query Language (SQL) injections can be used to request access to data when website forms or URL parameters aren't properly secured. Developers need to filter so only certain types of data can be submitted (a username and password, for instance), or hackers can submit SQL code that could request a range of actions from the database, including access to confidential information and beyond. Distributed Denial of Service Attack: DDoS attacks flood targeted machines or networks with so much traffic that it renders them unusable, thereby bringing down your site. In these cases, it's often hard to distinguish between legitimate traffic and illegitimate traffic, and so access is denied to all users. ILTA Once they've settled on a motive, how do the hackers get in? DEB DOBSON Deb Dobson is the Marketing Technology Manager at Fisher Phillips LLP, a national labor and employment law firm. She manages the firm's marketing technology, including implementation of new tools to assist with marketing and business development. She is interested in how marketing and emerging technologies such as blockchain, artificial intelligence and big data can help law firms reach their business goals. She can be reached at ddobson@fisherphillips.com, connect with her on LinkedIn https://www.linkedin.com/in/ debdobson or follow her on Twitter @debdobson. JEFF HIRNER Jeff Hirner is one of One North's founders and serves as the Chief Operating Officer. Prior to the formation of One North, Jeff was the Senior Director of Services and Support and a member of the Senior Management Team at Hubbard One. He has also worked as an architect and a senior consultant in the financial services segment at Accenture. Jeff holds a degree in operations management from Marquette University and a J.D. from the Loyola Chicago School of Law. Jeff can be reached at jhirner@onenorth.com.