Last Updated on 09 Jul 2024

Legal tech cybersecurity threats: types, evolution, examples


Cybersecurity in the judicial and legal domain is of extreme importance. As an industry, legal practices and lawtech startups have always faced an elevated onus to protect and manage sensitive personal and case data.

The crux of the issue: Higher risk, lower budget

However, most SMEs, often caught in unpredictable cash flows or limited by scarce internal financial or cybersecurity resources, end up relying only on passwords or 2FA to authenticate their users.

This trend is common to legal practices that may run proprietary software for their users, as well as to SaaS suppliers providing niche service applications to them (for eDiscovery, case management, etc.).

They have no overarching cybersecurity tool or policy, which often leaves them open to exploits, malicious updates, plugin malware injections, etc.

Traditional 2FA and MFA: An illusion of safety

2FA and MFA make lawtech organizations effectively compliant, showing, in regulatory terms, reasonable efforts to ensure their users' cyber security.

However, they operate in a field with other risks that are not covered by protocols such as passwords or MFA, which, as we covered here, can give a false sense of security. Many types of fraud and fraudulent behaviour can bypass password or MFA protocols.

A growing cost across the board, chiefly for highly regulated data

This growing risk, common to all SMEs, is compounded for legal practices and lawtech startups because theirs is a much higher onus: to protect even more sensitive data.

Legal practices and lawtech startups are disproportionately exposed to cybercrime, as the data they must secure is possibly of the highest value out there.

Data breaches can directly compromise a high-profile case and cause catastrophic financial damage to legal practices.

Law as an industry is also, unsurprisingly, a highly litigious environment, and the indirect consequences of a data breach can also run into millions of dollars.

Also, legal tech is exposed to a much higher reputational and litigation cost should a firm itself be found in breach of data security.

Finally, having less financial recourse than larger organizations, they are more likely to go bankrupt as a result of cyberattacks than larger organizations would be. A telecom group suffering a data breach may litigate and carry on at the cost of a few million.

For a legal practice, the direct and indirect liabilities, set against its financial reserves, often mean that the practice goes bankrupt, if not through direct litigation then through long-term reputational decline.

Smart MFA in lawtech can be as simple as configuring the AI cybersecurity monitoring so that an account with a low risk estimate only has to authenticate for a medium-value access or transaction.

A higher usage risk profile may require more MFA triggers, at even lower transaction levels.

An extreme account risk profile may be configured to trigger immediate account freezing until manual review.

Smart MFA not only allows a more nuanced cyber risk management; on a normal day it also provides both higher security and a better user experience.
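The three-tier policy described above (low risk: step-up MFA only for medium-value actions; higher risk: step-up at lower values; extreme risk: freeze pending manual review) can be expressed as a small decision table. The code below is an added example written for this page; it is not CrossClassify's product logic. The risk score, the behavioural signals and their weights, the tier boundaries and the value thresholds are all constructed for illustration; in a real deployment the score would come from the monitoring system and the thresholds from the firm's own risk appetite.

```python
"""Risk-adaptive ("smart") MFA policy.

For each access or transaction, decide whether to allow it, require a
step-up MFA challenge first, or freeze the account for manual review.
All scores, weights and thresholds below are constructed example values.
"""
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Optional, Tuple


class Decision(Enum):
    ALLOW = "allow"            # no extra friction for the user
    STEP_UP = "step_up_mfa"    # require an MFA challenge before proceeding
    FREEZE = "freeze"          # block the account until a human reviews it


@dataclass(frozen=True)
class Tier:
    name: str
    max_score: float            # highest risk score still inside this tier
    step_up_at: Optional[float]  # value at or above which MFA is required;
                                 # None means freeze regardless of value


# Policy table (constructed): the riskier the account, the lower the value
# at which a step-up challenge fires. Tiers are ordered by ascending max_score.
POLICY: Tuple[Tier, ...] = (
    Tier("low", 0.30, step_up_at=1_000.0),   # MFA only for medium-value actions
    Tier("medium", 0.60, step_up_at=250.0),
    Tier("high", 0.85, step_up_at=0.0),      # MFA on every action
    Tier("extreme", 1.00, step_up_at=None),  # freeze until manual review
)

# Hypothetical behavioural signals and weights, for illustration only.
SIGNAL_WEIGHTS: Dict[str, float] = {
    "new_device": 0.25,
    "unusual_geolocation": 0.30,
    "failed_logins_last_hour": 0.10,  # applied per failed attempt, capped below
    "off_hours_access": 0.15,
    "bulk_document_download": 0.35,
}
MAX_COUNTED_FAILED_LOGINS = 5  # so repeated failures alone cannot dominate


def risk_score(signals: Dict[str, float]) -> float:
    """Combine observed signals into a risk score clamped to [0, 1]."""
    total = 0.0
    for name, value in signals.items():
        weight = SIGNAL_WEIGHTS.get(name)
        if weight is None:
            raise ValueError(f"unknown signal: {name}")
        if name == "failed_logins_last_hour":
            total += weight * min(value, MAX_COUNTED_FAILED_LOGINS)
        elif value:  # boolean-style signal: present or not
            total += weight
    return min(total, 1.0)


def tier_for(score: float) -> Tier:
    """Map a score to the first tier whose upper bound it does not exceed."""
    if not 0.0 <= score <= 1.0:
        raise ValueError("risk score must lie within [0, 1]")
    for tier in POLICY:
        if score <= tier.max_score:
            return tier
    return POLICY[-1]


def decide(score: float, value: float) -> Decision:
    """Policy decision for one access or transaction of the given value."""
    tier = tier_for(score)
    if tier.step_up_at is None:
        return Decision.FREEZE
    if value >= tier.step_up_at:
        return Decision.STEP_UP
    return Decision.ALLOW


def evaluate(signals: Dict[str, float], value: float) -> Tuple[str, Decision]:
    """Convenience wrapper: (tier name, decision) for a request."""
    score = risk_score(signals)
    return tier_for(score).name, decide(score, value)


if __name__ == "__main__":
    # Constructed scenarios showing how the same action is treated per tier.
    scenarios = [
        ("known device, medium-value download", {}, 1_000.0),
        ("known device, low-value action", {}, 50.0),
        ("new device + unusual location", {"new_device": 1, "unusual_geolocation": 1}, 300.0),
        ("new device + unusual location + off hours", {"new_device": 1, "unusual_geolocation": 1, "off_hours_access": 1}, 10.0),
        ("new device + unusual location + bulk export", {"new_device": 1, "unusual_geolocation": 1, "bulk_document_download": 1}, 10.0),
    ]
    for label, signals, value in scenarios:
        print(f"{label:48s} -> {evaluate(signals, value)}")
```

The policy table is deliberately the only place that needs tuning: security staff adjust the `step_up_at` values per tier rather than editing decision logic, and an extreme tier with `step_up_at=None` always resolves to a freeze, which is the "hold until manual review" behaviour rather than a silent block.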


A few famous examples of large lawtech cyber fraud, by type and cost

To illustrate what cybersecurity breaches look like in the real world, and to classify them, we picked seven famous ones.

There are hundreds of such attacks per year, but available data is scant. The financial loss can be total (bankruptcy) or reputational, and in that sense hard to quantify.

AI-driven cybercrime also evolves at such a pace that collecting authoritative, current data remains an ongoing challenge.

  1. Clark Hill PLC:
     • Type of Attack: Phishing/Unauthorized Access
     • Bad agent: Unclear. Phishing-type cybercriminals
     • Details: The firm fell victim to a targeted phishing attack that led to unauthorized access to its email systems. The attackers deceived staff into entering their login credentials on a fake login page, giving the attackers access to sensitive information related to legal proceedings and high-profile clients.

  2. Cravath, Swaine & Moore LLP and Weil Gotshal & Manges LLP:
     • Type of Attack: Network Intrusion
     • Bad agent: Individual or group of hackers motivated by direct financial gain or information (insider trading)
     • Details: These firms were breached by hackers believed to be looking for inside information for stock market trading. The method likely involved spear-phishing to gain initial access, followed by lateral movement within the network to reach sensitive data related to business deals and litigation strategies.

  3. Johnson & Bell:
     • Type of Attack: Vulnerability Exploitation
     • Bad agent: “Typical” online hackers, attacking vulnerabilities and known application issues for fraudulent access
     • Details: The firm was accused of having inadequate cybersecurity measures after hackers exploited vulnerabilities in the firm's web services and VPN. The breaches involved direct attacks on known vulnerabilities, which allowed unauthorized access to the firm's internal systems and sensitive client data.

  4. Wiley Rein LLP:
     • Type of Attack: Spear-Phishing
     • Bad agent: Another “typical” online hack, including sophisticated spear-targeting that relied on commonly known exploits and users' lack of cyber awareness
     • Details: The firm was targeted with a sophisticated spear-phishing attack that tricked employees into providing their credentials, leading to unauthorized access. The attackers crafted emails to appear legitimate, potentially requesting password resets or other security measures, which then redirected employees to malicious websites where their credentials were stolen.

Conclusion: A growing digital threat, an increasingly litigative world

Legal practices and makers of lawtech SaaS software can sometimes feel crushed from all sides when it comes to cybersecurity. Without huge financial resources, they have to make do to protect vitally sensitive data.

That legal data itself is increasingly attacked, at scale, by cybercriminals who keep evolving the sophistication, scale and variety of their attacks.

Finally, they must also face possibly the highest average cost per data breach, considering the huge direct and indirect implications for their operations, current cases, legal exposure and future reputation.

The good news remains that, if AI changed the game by arming cybercriminals with a new array of AI tools for advanced phishing or malware at scale, AI also represents a potent class of solutions.

AI-led behavioural biometrics and finer cyber-posture settings are also a game-changer, a positive one this time, for cybersecurity professionals.

AI-led solutions at large also allow much easier scaling of cyber defences, through a dizzying array of defensive tools only dreamed about a few years ago:

  • Real-time monitoring

  • Fine-grained, program-level cyber data insights

  • Ability to freeze and mitigate instantly, before any damage happens

  • Predictive ability and specific analysis of the organization's cybersecurity threat profile

  • Ability to design custom cybersecurity “sub-policies” for very specific cases, extremely sensitive data, etc.

These strategic benefits of AI-type cybersecurity are also extremely cost-effective, representing only a tiny fraction in running costs compared to the size of a potential breach.

The costs associated with cyber incidents in the legal sector range from significant to extreme. For example, ransomware attacks often result in demands ranging from tens of thousands to millions of dollars.

True cost estimates are hard to come by in the legal industry for obvious confidentiality reasons, but in the medical industry, for example, the average cost of a data breach has now risen to USD 11 million.

The overall cost of a data breach in the legal field can easily run into millions when direct expenses such as forensic investigations, legal fees and client notifications are counted alongside indirect costs such as reputational damage and lost business.

© 2024 CrossClassify. All rights reserved.