Peer to Peer: ILTA's Quarterly Magazine
Issue link: https://epubs.iltanet.org/i/1439196
The legal industry is in the crosshairs of the most active and sophisticated cybersecurity threat actors in the world, including REvil, DarkSide, NetWalker, Hafnium, and a dozen others. These world-class terrorists deploy ransomware and proudly declare law firms are a top target. By some estimates, ransomware attacks on law firms increased more than 960% between 2020 and 2021. They are talking about the legal industry—all of us—openly in their blogs and data sharing sites, and increasingly exfiltrating data to leverage as blackmail and sell on the dark web. Several have even adopted a new strategy to ratchet up the pressure during ransom negotiations: Hackers will contact your clients whose private data they've stolen as another incentive for you to pay up. They target us, they destroy our backups, they blackmail us; sadly, they are succeeding.

That success breeds more attacks, and we are quickly becoming a favorite target. Think about it: We typically have the most sensitive data across hundreds of customers, and our industry-wide security maturity is lacking. The threat actors have recognized that law firms are the easiest path to the most sensitive data, and they are outmaneuvering us. This is nothing short of a war being perpetrated on us by terrorists. We have to recognize the sophistication, scale, and persistence of these attacks and respond proportionately.

So what are we as an industry doing about it? Unfortunately, not enough. While law firms are taking an evolutionary approach to maturing their security postures, the threat actors have undergone a revolution in the sophistication of their toolkits, attack strategies, lateral movements, exfiltration of data, and blackmail schemes. We, the legal industry, must wake up and act. Together.

There is an old joke that when fleeing from a hungry bear, you don't need to run faster than the bear, just faster than the person next to you.
This logic breaks down quickly when there are more than enough bears to go around. We must change how we as an industry understand this threat. We need to get on war footing, talk more about this as an industry, and help each other. The target is on us all.

The first step is defining the problem and sharing data with each other so we can learn together, plan together, and bolster our defenses to protect ourselves, our clients, and the integrity of our industry. Under ILTA's leadership, Conversant began collecting data in 2019 from over 330 law firms across the globe. We created a robust Security Maturity framework built from the NIST Cybersecurity Framework and the CIS-18 Critical Security Controls to provide better insight and analysis, including comparing different geographic regions, practice areas, and firm sizes.

ILTA just published the preliminary findings in the "Cybersecurity White Paper," and while that's a great start, it's just the beginning. The next step needs to be BIGGER and it needs ALL OF US.

We are proud to announce that in close collaboration with ILTA, we are working on the next Request for Information (RFI) which will be released in (March/April of 2022) and give us all the opportunity to share anonymously, learn from each other, understand the industry-wide security strengths and weaknesses, and start a global conversation about how we as an industry can and must help each other.

The goal of the RFI is not just to gather detailed information about current security practices within the legal industry, but also to prime the respondents for the conversations to come. The sophistication of modern security must keep pace with the emerging threat