Login | October 19, 2019

What hackers do once inside an attorney’s computer system

RICHARD WEINER
Technology for Lawyers

Published: September 20, 2019

We’ve talked a lot about how to prevent hackers from entering your system and what to do once they have—including various ethical considerations.

But, as an excellent Law Practice Today article points out, hackers have become increasingly sophisticated in not only how they access systems, but in what they do once they are in there. And they can do a lot of damage that won’t be detected for a long, long time.

Even if client data is air gapped, as some firms do by only having firm data and not client data on the cloud, this may not be enough. A lot of confidential data is stored and transmitted in ways that are subject to hacking no matter how careful the storage protocols are. Like email, for instance.

Once a lawyer’s system is hacked (and all of the big firms and many of the smaller ones have been), there are several actions that need to be taken. These include notifying clients that they may have been subject to a hack, trying to remediate in any way, etc.

But what if, after the hack, the hacker maintains an undetected presence inside the system? That is what the more sophisticated hackers are doing these days, and that puts even more pressure on legal IT to protect the system.

One hacker trick is to infiltrate and then take over an email account. Even if the hack is detected immediately, the hackers have already downloaded your entire contact list and contents of the account. That includes all correspondence, including all confidential information. (So, again and as always, encrypt all confidential data!) Once that info is downloaded, the hackers can communicate with your contacts as if they were you.

This can happen through phishing or through a newly-developing trend called banking trojans. This allows intruders to sit in your computer for months, waiting for the right time to attack. They will wait until some transaction is ready to go, and then get the info and intervene in the transaction, taking the money or saleable information or launching any number of attacks.

Hackers are now so sophisticated that preventative measures like 2-factor authentication or random password generation may not be enough. Time to bring in the professional threat detectors to proactively monitor your systems.

Read the full LPT article here: https://www.lawpracticetoday.org/article/2-ways-hackers-spy/.


[Back]