Irish Law Firms Experience 50% Increase In Cyberattacks

There has been a near 50% increase in the number of cyber-attacks reported by Irish law firms in the past year, according to research published recently.

Three firms out of every ten have been subject to a cyber-attack in the past 12 months, while 38% of the country’s top 20 firms have been the target of an attack. However, the scale of the problem may be even worse as it is thought many attacks go unreported.

The data was drawn from a survey of 107 practices in September and October, conducted by Amárach Research for an annual survey of law firms published by accountancy and consulting firm Smith & Williamson.

The names of the firms who took part in the research have not been disclosed, but researchers said they included 13 of the top 20 firms in the country, 17 mid-tier firms and 77 small firms.

Over half of the security breaches reported were caused by malware, while 35pc involved ransomware, where hackers block access to computer systems until a sum of money is paid.

The report said cybercrime was on the rise and one of the biggest emerging threats facing the legal profession. It described cybercrime as “a clear and present threat to legal practices in Ireland”, warning attacks will occur more frequently.

While data on losses by Irish firms has not been disclosed, the report said British professional indemnity insurer QBE had reported around £85m (€99m) was stolen from client accounts in the previous 18 months in the UK.

Four out of ten Irish firms who were subjected to a cyber-attack suffered “down time” as a result. Smaller firms appeared to be more vulnerable to attacks than larger ones.

Among the top 20 firms, they reported that despite being more likely to be attacked, they had invested in cyber security to the extent where to date such attacks were having little or no impact on their operations.

The Smith & Williamson report said firms needed to be cognisant of the risks of having lax security controls or untrained staff.

It said analysing risks requires a review of outsourcings and contractors as well as evaluating the benefits of a cyber insurance policy. “Law firms present a particularly attractive target for cyber criminals. Firms hold sensitive and potentially valuable data about individuals and corporates and may have significant client account balances on hand,” the report said.

“Losing client data or funds or having sensitive and confidential information exposed may be the most frightening outcome for a law firm resulting from a cyber-attack.

“Earlier this year it was reported that law firms were the targets of espionage by hackers who tried to obtain merger and acquisition details in order to facilitate insider trading.

“Firms acting in this area are likely to remain at risk from both cybercriminals and nation state attacks.”

Independent:       Irish Bank Governor Says Only A Short Time Before Cyber-Attack Hits Finance:
 

 

« US Government Is Still In Turmoil Over Cyber Defense
Inside The Mind Of Cyber Criminals »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Imperva

Imperva

Imperva is a leading provider of data and application security solutions including DDoS protection, Web application security, Data security and Cloud security.

Zentek Digital Investigations

Zentek Digital Investigations

Zentek has been providing digital forensics services to the public and private sector for computers and mobile devices since 2004.

Rackspace Technology

Rackspace Technology

Rackspace Technology is a leading provider of managed services across all major public and private cloud technologies. Secure your IT environments with powerful cloud security solutions and support.

IGEL Technology

IGEL Technology

IGEL Technology is one of the world's leading thin client vendors. Thin clients increase data security and compliance.

Rippleshot

Rippleshot

Rippleshot is a fraud analytics firm that detects mass card compromises faster, allowing issuers to execute more proactive fraud detection strategies.

Lightship Security

Lightship Security

Lightship Security is an accredited Common Criteria and FIPS 140-2 IT security testing laboratory that specializes in test conformance automation solutions and IT product security certifications.

Echosec Systems

Echosec Systems

Echosec Systems is a data discovery company delivering social media and dark web threat intelligence. Our web based security software delivers critical information for situational awareness.

StoneLock

StoneLock

StoneLock is a trusted leader in the design and manufacture of facial recognition software and technology.

Bright Data

Bright Data

Bright Data Inc is the world’s #1 web data platform, enabling organizations to research, monitor, analyze data, and make better decisions.

Censinet

Censinet

Censinet provides the first and only third-party risk management platform for healthcare organizations to manage the threats to patient care that exist within an expanding ecosystem.

ThreatNG Security

ThreatNG Security

ThreatNG is redefining external attack surface management (EASM) and digital risk protection with a platform of unmatched breadth, depth, and capabilities in thwarting technical and business threats.

Marlink

Marlink

Marlink smartly integrates hybrid, future-ready network solutions so you can benefit from the best available connectivity and IT to accelerate your digitalisation and empower your remote operations.

AFRY

AFRY

AFRY is a world leading engineering company, trusted as a supplier of services and solutions within the industry, energy, and infrastructure sectors as well as for authorities.

Doherty Associates

Doherty Associates

Drawing on our deep industry knowledge and business insight, Doherty deliver intelligent IT solutions and services that help people work more securely, more productively and more creatively.

Custom Computer Specialist (CCS)

Custom Computer Specialist (CCS)

CCS offers an extensive range of services including cybersecurity solutions, consulting, implementation, and support to help our clients maximize the value derived from IT investments.

Camms

Camms

Camms are a team of experienced professionals dedicated to providing innovative GRC software solutions that help organizations manage risk, make informed decisions, and drive positive change.