
Zero-day attacks, red teaming and other cyber concerns

There are a myriad cybersecurity issues that legal departments must concern themselves with, with proactivity being key to the safety of a business’s information.

Jerome Doraisamy, 25 June 2019, Corporate Counsel

Speaking recently on a live webcast hosted by Lawyers Weekly — Security breaches: is your firm protected? — Telstra security consultant Keith Kerr said zero-day attacks refer to instances where legal teams discover vulnerabilities that were not previously known.

“Every day up to that day, that vulnerability is a zero day, which can be used to exploit that system or service or software. To what extent depends on the zero day itself, but for example, say it was something which could compromise the latest version of Windows, or a particular service running within that,” he explained.

“Depending who discovers this zero day, if it’s a researcher they would tend to go through what we call a bug benefit program where they’re given compensation from a vendor for their finding, and the vendor then works on a patch and fixes that up so it’s no longer an issue. Or, in the worst-case scenario, it could be someone who’s a black hat hacker, who’s actually using it for malicious means for [themselves], to either extract data or harm a company or an individual.


“Or, more likely, go through a broker on the black market and sell that vulnerability to absolutely anybody for however much they’re willing to pay and set claim or whatever they’d like to pay.”

Also discussed during the webcast was the issue of red teaming, which Herbert Smith Freehills partner Kwok Tang explained refers to going in and attacking an organisation in order to test the capabilities of its legal teams. This, he said, requires a proactive approach by those in charge.

“Most data breaches arise from, really, human error. A large part of the protection around that is really cyber resistance training or awareness. Giving training and when you’re onboarding give the training to all your staff, not just necessarily give it to the legal staff, just all staff should have cyber awareness training and then to frequently test that,” he said.

“[We had a phishing exercise] at my firm, maybe a couple of months back, where they sent a funny-looking email and you look at it and in the back of your mind you treat it as, this doesn’t quite look right, and then we have a mechanism where you could press a button to notify and trigger that this is potentially a phishing exercise.

“That, it was a test from the firm, from our IT department, testing us. No, we have onboard training but also just frequent reminders and real-life examples of testing to make sure that your staff is aware that’s an issue.”

Mr Kerr added: “That behavioural element, when combined with awareness training, [has] certainly much more of an impact, because if you think about it, a lot of organisations have awareness training which is essentially click-through, people are given it when they’re busy, so they’ll click through to get to the end of it, and it doesn’t really sink in.

“If you’re being tested through things like phishing emails, and you’re starting to build a habit of clicking on that report button, or it may be a case of raising your hand to your IT guy, so if it’s a small company and they’re just sitting across the room from you, flicking it through in an email, or just shouting across the room, that’s changing your behaviour and that takes the onus off you to make a decision.

“By doing that you’re empowering the user to say, ‘Okay, I don’t need to understand the extent of this email, whether it’s malicious or not; what I need to do, I think, is, could this be a malicious email? If it could, what action do I take?’ You need to facilitate users with an action to take, and that’s part of the process.”
