Breaking and associated brands will be offline for scheduled maintenance Saturday May 8 3 AM US EST to 12 PM EST. We apologize for the inconvenience.


Thank you for sharing!

Your article was successfully shared with the contacts you provided.
As a teen-ager in his native Ireland, Neal O’Farrell hacked his way into his school’s database. And he pulled a bunch of other online pranks. But like many former hackers, O’Farrell ultimately realized he could cash in on his skills by teaching others how to insulate themselves from cybercrime. So he turned away from the dark side. For the past 20 years, O’Farrell has been a consultant to government agencies, banks and security firms seeking to be hacker-free. His latest project is called Breach of Trust, a series of one-day security “boot camps” that promise to teach lawyers and law firms how to keep their databases safe. The first will take place in San Jose, Calif., on May 30. The cost is $395 per head. Another camp is tentatively slated for next spring in London. O’Farrell is the chief executive and founder of San Ramon, Calif.-based Hackademia Inc., a company that runs live and online educational seminars about electronic security. He dreamed up the idea of security boot camps for lawyers late last year, after he gave a speech to the California State Bar Association. “I titled the speech ‘Soccer Mom as Hacker,’ to make the point that almost anyone could do it,” O’Farrell says. “Afterwards, a lot of scared-looking lawyers wanted to know more.” The more he dug around, the more he learned just how exposed law firms and lawyers really are. “Most law firms have access to enormous corporate secrets,” he says. “But few of them have adequate security in place.” O’Farrell thinks it’s much easier to break into a big company’s law firm than it is to break into the company itself. “The most vulnerable targets are remote users,” he adds. “And law firms are the ultimate remote users.” Perhaps. But isn’t this more hype than reality? After all, who can remember the last time a hack on a law firm made the news? O’Farrell says they happen fairly frequently. He says that two months ago he was approached by a lawyer from a big New York law firm who said that a huge chunk of his firm’s data had been “stolen” by a hacker. “But they were very quiet about it. They didn’t want it to leak.” According to O’Farrell, such incidents happen “more often than you think.” In O’Farrell’s opinion, Los Angeles-based Ziffren, Brittenham, Branca & Fischer is one of the few firms that has adequately guarded itself against hacker attacks. So he has invited the firm’s imformation systems director, Lee Schwing, to be a keynote speaker at the May conference. “Lee has done a marvelous job at her firm,” he says. “She takes electronic security very seriously.” Schwing has reason to worry about law firm security. Like most law firm IS directors, she has to make sure that documents stored at the firm stay privileged and confidential. But Ziffren Brittenham is one of the nation’s elite entertainment law firms, so Schwing has to deal with concerns that elude other IS staffs. “Our lawyers have access to documents that people would pay big money for,” she says. The firm negotiated the sale of Miramax Films to Disney and counseled Michael Jackson during the ATV/Sony Music publishing merger. Its clients include Jay Leno, Catherine Zeta-Jones and Harrison Ford. Schwing has to make electronic security her top priority. She recently hired famed hacker Kevin Mitnick to try to hack his way into her firm. “The audit was supposed to take two days,” she says. “And after he hacked his way in, he was going to come teach us how to be better prepared.” But Mitnick and his gang were foiled. “They couldn’t crack us,” she says. “I was flabbergasted.” The incident taught Schwing that airtight security “certainly isn’t rocket science.” The most critical task, in her opinion, is keeping her lawyers aware of how hacks occur. “A lot of low-tech hacks involve social engineering,” she says. “And our lawyers need to know how that happens.” “Social engineering” is a fancy term for using fraud to obtain passwords. Schwing says that a hacker favorite is to obtain a lawyer’s password by calling and pretending to be a member of the firm’s IS staff. Schwing also makes sure Ziffren Brittenham lawyers change their system passwords every few months. She asks them to populate their passwords with random combinations of at least 11 uppercase and lowercase letters and numbers. “It drives our lawyers crazy, but you’ve got to make [the passwords] difficult,” she says. “The hackers all say that strong passwords are the best line of defense.” Sound simple? O’Farrell thinks it is. He’s not giving away all his secrets before his boot camps. But he concedes that it doesn’t take much to make a firm secure. “A solo practitioner can build a wall that prevents 90 percent of all hacks for under $100,” he says. “Being tough doesn’t have to be that expensive.”

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]

Reprints & Licensing
Mentioned in a story?

License our industry-leading legal content to extend your thought leadership and build your brand.


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.