More than one-quarter of all law firms have experienced some type of data breach — here’s what your firm needs to know when it faces a cyber or ransomware attack
If you think your law firm’s secure technology is up to date, you might want to think again. The New York entertainment and media law firm Grubman Shire Meiselas & Sacks is the latest victim of what seems to be the new norm in the legal representation of high-profile clients.
According to an attorney with the firm, Allen Grubman:
“Despite our substantial investment in state-of-the-art technology security, foreign cyberterrorists have hacked into our network and are demanding $42 million as ransom.”
Law firms are particularly susceptible to these attacks due to the sensitive nature of the data that they store on behalf of their clients. According to the American Bar Association and the U.S. Department of Justice, 25% of all law firms have been subjected to, or experienced, some form of a data breach involving hackers.
The average cost of a ransomware attack on a business is $133,000. The cost of ransomware attacks surpassed $7.5 billion in 2019, according to Emsisoft. Computer-oriented crimes span a wide variety of actions, intentions and goals, and no company is too large or too small to be affected by a cyberattack. This is why cybersecurity for law firms is so important.
So, what is there to know about ransomware attacks on law firms? And what should you do if your firm finds itself facing such a dire scenario?
Let’s hash it out.
How Do Ransomware Attacks Happen?

Hackers generally start by accessing your server by using remote desktop protocol credentials deciphered through a brute-force attack. If not through a brute-force attack, hackers are known to gain entry by purchasing remote desktop protocol (RDP) credentials on cybercrime marketplaces.
During the COVID-19 pandemic, the number of brute-force attacks on RDP servers has drastically increased due to the record number of employees who are now working from home. This increase in attacks is primarily due to companies rushing to grant remote access to their workforce. The need to remotely access workstations and servers inevitably creates additional vulnerabilities in a firm’s network.
On April 29, 2020, the Department of Homeland Security released updated Microsoft 365 Security Recommendations, which highlight the fact that many organizations are rushing to “adapt or change their enterprise collaboration capabilities to meet ‘telework’ requirements” and that organizations “may not be fully considering the security configurations of the platforms they are moving to.”
After a hacker gains access to a firm’s server, they will map the target network, looking for any sensitive intellectual…
Read more:REvil’s Lessons: It’s Time Law Firms Quit Taking Cybersecurity for Granted – Hashed