Cyber-attacks a daily occurrence for Australian Law Firms

With a cyber-attack reported in Australia every 6 minutes, security and cloud experts AUCloud have issued a major warning on the back of a new trend attacking the Australian legal sector.

Promoted by AUCloud 11 April 2024 Big Law
Security experts AUCloud CEO Peter Maloney warns of latest attacks on Australian law firms

Security experts AUCloud CEO Peter Maloney warns of latest attacks on Australian law firms

expand image

Cyber security expert AUCloud's Security Operations Centre (SOC) this week reported a major attack attempt on a prominent law firm, detecting and stopping a sophisticated ‘SEO Poisoning’ cyber-attack against the firm's data and infrastructure systems. With the latest research citing cybercrime as the main concern for Australian law firms, mechanisms for protecting, detecting, and responding are as critical to the viability as the legal expertise that underpins their practice.

AUCloud revealed it averted the major cyber security breach targeting the firm using a highly targeted tactic known as SEO Poisoning. SEO Poisoning, a method exploited by cybercriminals, involves manipulating search engine results to direct users to malicious websites. These sites, often cloaked in legitimacy, lure unsuspecting victims into downloading malware-laden documents. Such was the case when a solicitor, in search of a legal precedent via a Google search, stumbled upon a compromised link. Believing it to be legitimate, the legal representative downloaded what appeared to be a relevant document, unwittingly risking the firm’s entire network. The malicious operation doesn’t stop at the initial malware download. The compromised websites are engineered to increase their visibility on search engines, thereby maximising the potential for victim engagement. Users are enticed into clicking on links that download a .zip file containing a malicious script disguised as a document. Upon execution, this script initiates a domino effect: downloading further malware, embedding persistent access mechanisms on the victim’s device, and establishing communication with a command and control server for additional malicious downloads and commands.

Speaking to Lawyers Weekly AUCloud chief executive Peter Maloney said this incident could have spiralled into a catastrophic data breach, paving the way for ransomware attacks, extensive network reconnaissance, and data exfiltration.

“Fortunately, AUCloud's Security Operations Centre (SOC) intervened in time, employing their advanced threat intelligence and monitoring capabilities to detect and thwart the attack,” Mr Maloney said.

AUCloud recently announced a partnership with peak legal industry body, the Australasian Legal Practice Management Association (ALPMA), to provide the profession with a mix of integrated learning and development programs, encompassing education along with the deployment of cutting-edge cyber security technology tools, best practice policies and solutions.

The program leverages the skills and expertise of Australia’s top cyber security professionals, ensuring a comprehensive and sophisticated approach to safeguarding against cyber threats.

What can law firms take away from this incident?

Download AUCloud’s free ‘How to Build a Cyber Resilient Law Firm in 2024’ Whitepaper to discover the importance of vigilance and monitoring.

Cyber resilience includes ensuring employees at all levels are educated about the risks of downloading files from unverified sources. Comprehensive cyber security awareness training is indispensable in equipping staff with the knowledge to recognise and avoid such traps.

Organisations must ensure that robust cyber security measures are in place. This includes 24/7 monitoring of digital environments to detect and respond to threats promptly. Should a compromise be suspected, engaging immediate cyber security support is critical to mitigating potential damages.

AUCloud has also developed a free weekly Cyber Threat Intelligence Report, providing critical insights into the impacts of current and past threats, understanding threat actors' motives and capabilities, and provides actionable recommendations for proactive security measures and resource allocation.

Sign up for your free weekly Cyber Threat Intelligence Report.

Latest articles