Irish Law Firms Experience 50% Increase In Cyberattacks

There has been a near 50% increase in the number of cyber-attacks reported by Irish law firms in the past year, according to research published recently.

Three firms out of every ten have been subject to a cyber-attack in the past 12 months, while 38% of the country’s top 20 firms have been the target of an attack. However, the scale of the problem may be even worse as it is thought many attacks go unreported.

The data was drawn from a survey of 107 practices in September and October, conducted by Amárach Research for an annual survey of law firms published by accountancy and consulting firm Smith & Williamson.

The names of the firms who took part in the research have not been disclosed, but researchers said they included 13 of the top 20 firms in the country, 17 mid-tier firms and 77 small firms.

Over half of the security breaches reported were caused by malware, while 35pc involved ransomware, where hackers block access to computer systems until a sum of money is paid.

The report said cybercrime was on the rise and one of the biggest emerging threats facing the legal profession. It described cybercrime as “a clear and present threat to legal practices in Ireland”, warning attacks will occur more frequently.

While data on losses by Irish firms has not been disclosed, the report said British professional indemnity insurer QBE had reported around £85m (€99m) was stolen from client accounts in the previous 18 months in the UK.

Four out of ten Irish firms who were subjected to a cyber-attack suffered “down time” as a result. Smaller firms appeared to be more vulnerable to attacks than larger ones.

Among the top 20 firms, they reported that despite being more likely to be attacked, they had invested in cyber security to the extent where to date such attacks were having little or no impact on their operations.

The Smith & Williamson report said firms needed to be cognisant of the risks of having lax security controls or untrained staff.

It said analysing risks requires a review of outsourcings and contractors as well as evaluating the benefits of a cyber insurance policy. “Law firms present a particularly attractive target for cyber criminals. Firms hold sensitive and potentially valuable data about individuals and corporates and may have significant client account balances on hand,” the report said.

“Losing client data or funds or having sensitive and confidential information exposed may be the most frightening outcome for a law firm resulting from a cyber-attack.

“Earlier this year it was reported that law firms were the targets of espionage by hackers who tried to obtain merger and acquisition details in order to facilitate insider trading.

“Firms acting in this area are likely to remain at risk from both cybercriminals and nation state attacks.”

Independent:       Irish Bank Governor Says Only A Short Time Before Cyber-Attack Hits Finance:
 

 

« US Government Is Still In Turmoil Over Cyber Defense
Inside The Mind Of Cyber Criminals »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Intercede

Intercede

Intercede is a cybersecurity company specializing in digital identities, derived credentials and access control, enabling digital trust in a mobile world.

National Cyber Security Centre (NCSC) - United Kingdom

National Cyber Security Centre (NCSC) - United Kingdom

The NCSC acts as a bridge between industry and government, providing a unified source of advice, guidance and support on cyber security, including the management of cyber security incidents.

Ammune.ai

Ammune.ai

Ammune.ai (formerly L7 Defense) helps organizations to protect their infrastructure, applications, customers, employees, and partners against the growing risk of API-borne attacks.

Secudos

Secudos

SECUDOS is an innovative appliance technology and services provider focused on IT security and compliance.

Safetica

Safetica

Safetica Technologies is a Czech software company that delivers data protection solutions for businesses of all types and sizes.

redGuardian

redGuardian

redGuardian is a DDoS mitigation solution available both as a BGP-based service and as an on-premise platform.

Techleap.nl

Techleap.nl

Techleap.nl is a non-profit publicly funded organisation helping to quantify and accelerate the tech ecosystem of the Netherlands.

Heidrick & Struggles International

Heidrick & Struggles International

Heidrick & Struggles is a premier provider of leadership consulting and senior-level executive search services for roles including Information & Technology Officers and Cybersecurity.

TalaTek

TalaTek

TalaTek is a full-service risk management firm providing expert services in risk management, cybersecurity, and compliance.

BlackRidge Technology

BlackRidge Technology

BlackRidge Technology develops, markets and supports a family of products that provide a next generation cyber security solution for protecting enterprise networks and cloud services.

ImpactQA

ImpactQA

ImpactQA is a global leading software testing & QA consulting company. Ten years of excellence. Delivering unmatched services & digital transformation to SMEs & Fortune 500 companies.

TryHackMe

TryHackMe

TryHackMe is an online platform that teaches cyber security through short, gamified real-world labs. We have content for both complete beginners and seasoned hackers.

Globant

Globant

Globant is an It and software development company. We leverage the latest technologies and methodologies to help organizations transform in every aspect, including software security.

TrustMe

TrustMe

TrustMe’s integrated platform for business trust and resilience keeps organizations safe, secure, and trustworthy.

Excite Cyber

Excite Cyber

Excite Technology Services (formerly Cipherpoint) is focused on improving the security posture of our customers.

Synergy ECP

Synergy ECP

Synergy ECP has a talented, dedicated staff to provide a broad range of services to the defense and intelligence industries.