find the latest legal job
Corporate/Commercial Lawyers (2-5 years PAE)
Category: Corporate and Commercial Law | Location: Adelaide SA 5000
· Specialist commercial law firm · Long-term career progression
View details
Graduate Lawyer / Up to 1.5 yr PAE Lawyer
Category: Personal Injury Law | Location: Brisbane CBD & Inner Suburbs Brisbane QLD
· Mentoring Opportunity in Regional QLD · Personal Injury Law
View details
Corporate and Commercial Partner
Category: Corporate and Commercial Law | Location: Adelaide SA 5000
· Full time · Join a leading Adelaide commercial law firm
View details
In-house Legal Counsel & Commercial Lawyers
Category: Corporate and Commercial Law | Location: All Sydney NSW
· Providing lawyers with flexibility and control over when they work, how they work and who they work for.
View details
In-house Legal Counsel & Commercial Lawyers
Category: Corporate and Commercial Law | Location: All Melbourne VIC
· Providing lawyers with flexibility and control over when they work, how they work and who they work for.
View details
Firms at risk of cyber blackmail

Firms at risk of cyber blackmail

Law firms are failing to protect their client data adequately, leaving them open to litigation and even ransom demands, a security expert warns.

Dr Suresh Hungenahally, chief information security officer at the Victorian Government’s department of state development, told Lawyers Weekly many firms are vulnerable to major breaches of data privacy.

“When we talk about lawyers and law firms, the three major issues they are facing is being exposed to litigation within seconds; they could compromise their client data very easily; and their business could be shut down with a loss of licence to practice law,” Dr Hungenahally said.

In particular, he warned against “ransom raids” if hackers gain access to a firm’s system.

“In a ransom raid, someone steals your data, encrypts it and demands $30,000 for the key to open it. It happens every day in Australia.”

In his experience, regulators come down hard on firms that breach data privacy, often acting immediately if a breach is reported.

A mistake that can lead to security lapses is sending unencrypted emails, which potentially allows third parties to intercept the messages.

Dr Hungenahally also suggested data leakage was a “huge problem” within firms, with lawyers accessing files using unprotected wi-fi networks or mobile phones, personal laptops or USB drives.

To protect data, he urged firms to implement a security management system “where people, process and technology are all involved in ensuring your practice and your clients are all protected against information theft”.

As part of this system, he encouraged the use of “hard controls” such as storing data on a cloud service provider or automatically classifying documents with software.

Document classification – where documents are marked as confidential or sensitive – gives lawyers legal recourse in the event of a security breach, he said.

“If you do not put any classification, anybody can come in and legally access that information, leaving you with no grounds to take them to court. It doesn't cost a lot, maybe a couple of grand, but in a litigation preparation of documents will cost $10,000 alone.”

He also urged firms to carry out an annual audit of their security procedures, including penetration testing where an expert tries to access their system to identify weaknesses.

“It's better to mitigate than to litigate,” Dr Hungenahally said. “Security goes beyond compliance. If you don't comply, you get a fine. If you have a security breach, you could lose your entire practice, no matter how small or big you are.”

Dr Hungenahally will run webinars on cybersecurity via CPD for Me throughout July, August and September.



Like this story? Read more:

QLS condemns actions of disgraced lawyer as ‘stain on the profession’

NSW proposes big justice reforms to target risk of reoffending

The legal budget breakdown 2017

Firms at risk of cyber blackmail
lawyersweekly logo
Promoted content
Recommended by Spike Native Network
more from lawyers weekly
Scales of Justice
Dec 15 2017
Timing ‘critical’ in unusual contempt of court ruling
A recent case could have interesting implications for contempt of court rulings, according to a Ferr...
Dec 14 2017
International arbitration and business culture
Promoted by Maxwell Chambers. This article discusses the impact of international arbitration on t...
Papua New Guinea flag
Dec 14 2017
World-first mining case launched in PNG
Citizens of Papua New Guinea have launched landmark legal proceedings against the country’s govern...
Allens managing partner Richard Spurio, image courtesy Allens' website
Jun 21 2017
Promo season at Allens
A group of lawyers at Allens have received promotions across its PNG and Australian offices. ...
May 11 2017
Partner exits for in-house role
A Victorian lawyer has left the partnership of a national firm to start a new gig with state governm...
Esteban Gomez
May 11 2017
National firm recruits ‘major asset’
A national law firm has announced it has appointed a new corporate partner who brings over 15 years'...
Nicole Rich
May 16 2017
Access to justice for young transgender Australians
Reform is looming for the process that young transgender Australians and their families must current...
Geoff Roberson
May 11 2017
The lighter side of the law: when law and comedy collide
On the face of it, there doesn’t seem to be much that is amusing about the law, writes Geoff Rober...
May 10 2017
Advocate’s immunity – without fear or without favour but not both
On 29 March 2017, the High Court handed down its decision in David Kendirjian v Eugene Lepore & ...