This article appeared in Cybersecurity Law & Strategyan ALM publication for privacy and security professionals, Chief Information Security Officers, Chief Information Officers, Chief Technology Officers, Corporate Counsel, Internet and Tech Practitioners, In-House Counsel. Visit the website to learn more.

The COVID-19 pandemic forced lawyers and judges to practice outside of their physical facilities, and continue professional services from their home offices. That same period was the worst on record for cyber attacks:

  • The Sodin (a.k.a. REvil and Sodinokibi) ransomware gang infiltrated a group of law firms and published directories, customer lists, contracts and credentials to the dark web.
  • Gootloader offered free resources and templates for professionals (lawyers, doctors and engineers) which were infected and used to establish initial access.
  • Attackers posed as law students to establish a mentor relationship with senior partners and judges and then sent a link to a survey which deployed payloader malware.