{"id":13235,"date":"2017-08-01T18:12:33","date_gmt":"2017-08-01T18:12:33","guid":{"rendered":"https:\/\/digital-sentinel.com\/?p=13235"},"modified":"2020-02-01T11:39:52","modified_gmt":"2020-02-01T11:39:52","slug":"dla-pipers-cyber-attack-matters","status":"publish","type":"post","link":"https:\/\/digital-sentinel.com\/breach\/dla-pipers-cyber-attack-matters\/","title":{"rendered":"DLA Piper\u2019s Cyber Attack and Why It Matters"},"content":{"rendered":"
DLA Piper is not the first law firm to suffer a cyber attack, but it may be remembered that way after a powerful malware forced the global law firm to shut down or limit its email for hours on end and to work off of cellphones.<\/p>\n
In\u00a0the most glaring example to date of hackers interfering with\u00a0a major U.S.\u00a0law firm\u2019s ability to conduct its daily business, reports started\u00a0surfacing on Tuesday morning that the firm had shut down\u00a0its phone system and email. By the following day, the firm stated on its website, which remained functional throughout the ordeal, that it had shut down its email and other systems to contain the spread of what appeared to be \u201cPetya\u201d malware, and aimed to restore email\u00a0by the evening European time.<\/p>\n
News outlets in the U.S., the U.K., New Zealand, and elsewhere reported on\u00a0the attack DLA suffered. But it is most likely not the first firm to fall victim to a ransomware attack: An FBI agent in New York told Big Law Business earlier this month\u00a0that other law firms have avoided such publicity from such attacks by paying a ransom to hackers.<\/p>\n
\u201cRansomware attacks have steadily increased in number,\u201d said Aristedes Mahairas, special agent-in-charge in the cyber division of the New York City\u2019s FBI field office, in\u00a0an interview<\/a><\/strong>. \u201cWe\u2019re hearing that there are law firms paying the ransom.\u201d<\/p>\n The spread of the Petya virus, which locks people out of their computer network and demands a $300 ransom in cryptocurrency follows on the heels\u00a0of\u00a0WannaCry, a ransomware that infected companies in 150 countries in May. And by Wednesday, there was speculation that whoever was behind the latest Petya attack wasn\u2019t interested in money, but rather disruption, because the malware also destroyed some computers\u2019 data, Bloomberg\u00a0reported<\/strong><\/a>.<\/p>\n DLA Piper has not said whether it paid any ransom, but it has said it found no evidence that any client information was affected.<\/p>\n A U.S.-based spokesman for DLA Piper, whose phone would not accept calls or messages on Tuesday, issued\u00a0a statement on Wednesday:<\/p>\n On June 27, 2017, our advanced-warning system detected suspicious activity on our network, which, based on our investigation to date, appears to be related to the global cyber event known as \u201cPetya\u201d. Our IT team acted quickly to prevent the spread of the suspected malware and to protect our systems.<\/p>\n We immediately began our investigation and remediation efforts, working closely with leading external forensic experts and relevant authorities, including the FBI and UK National Crime Agency.\u00a0We are working to bring our systems safely back online.<\/p>\n A statement posted on the firm\u2019s website said its people continue to be available on their cell phones. In New Zealand, one paper\u00a0reported<\/strong>\u00a0<\/a>that the firm\u2019s lawyers in the country could send but not receive emails.<\/p>\n Overall, ransomware\u00a0is a fast-growing threat: According to Verizon\u2019s 2017 Data Breach Investigation\u00a0report<\/a>,<\/strong>\u00a0which surveyed the cybersecurity landscape, ransomware has moved up from the 22nd most common form of malware in 2014 to the fifth most common because it is fast low-risk and easily monetizable.<\/p>\n \u201cLaw firms are certainly attacked by ransomware on a regular basis,\u201d said Adam Cohen, a managing director with data security expertise at the Berkeley Research Group, a consultancy, \u201cbut I don\u2019t know of anyone being shut down like this.\u201d<\/p>\n More often, he said, you hear about law firms being targeted because\u00a0they serve as repositories of their client\u2019s most sensitive information, which can be used for corporate espionage, insider trading or other criminal purposes.<\/p>\n In March 2016,\u00a0Big Law Business\u00a0reported<\/a><\/strong>\u00a0on\u00a0an FBI alert about a web post on\u00a0a \u201ccyber criminal forum,\u201d seeking hackers who could penetrate\u00a0law firms\u2019 computer networks and\u00a0steal data for an insider trading scheme.<\/p>\n The threat detection company Flashpoint Security also issued a client alert in February 2016, obtained by Big Law Business, which described a character named \u201cOleras\u201d who wanted to harvest data from law firms for insider trading, and provided a spreadsheet with\u00a0a list of 48 law firms including both\u00a0Weil Gotshal & Manges and Cravath Swaine & Moore, which the Wall Street Journal later reported suffered data breaches.<\/p>\n But even though Weil and Cravath are\u00a0among just a few law firms reported to suffer\u00a0a data breach, their situations differed in that there were no reports that the hackers disrupted its computer networks in the same way as at DLA Piper,\u00a0where\u00a0lawyers were forced use their cellphones for communications, according to the firm\u2019s note to clients.<\/p>\n Of course, there have been other publicized examples of hackers penetrating smaller law firms, and\u00a0even international law firms, such as Panama\u2019s Mossack Fonseca, whose client information\u00a0was exposed<\/strong>\u00a0<\/a>after hackers stole 11.5 million documents and leaked them to an international consortium of journalists.<\/p>\n DLA Piper, with a reported $2.5 billion in revenue in 2016 and nearly 4,000 lawyers and offices in 40 countries, is among the largest law firms in the world and the U.S.<\/p>\n