In the COVID-19 era, law firms face numerous cybersecurity challenges and vulnerabilities from lawyers and legal staff working remotely. Employees working from home are particularly vulnerable to phishing scams due to human errors and often have weak security protocols on their Wi-Fi networks, allowing hackers easier access to the network’s traffic. In fact, on March 13, the U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency recognized these issues encouraged those that are moving to remote working status “to adopt a heightened state of cybersecurity,” because of the significantly elevated risk of malware, phishing attacks and ransomware demands amid the coronavirus pandemic.

The most important goal for a law firm is to protect its data. If a firm does not have the right cybersecurity system set up, it may have to deal with a ransomware attack. This is exactly what happened last month in May, when the law firm of Grubman Shire Meiselas & Sacks, recognized as one of the premier entertainment and media law firms in the country, was hit with a data extortion scheme. A cybercriminal ring claimed to have stolen from the firm approximately 756 gigabytes of private documents and correspondence. The hackers alleged they have possession of information on the law firm’s clients past and present, including Lady Gaga, Madonna, Nicki Minaj, David Letterman, John Mellencamp, Robert DeNiro, Elton John, the Kardashians, and even companies like Facebook, Activision, iHeartMedia, IMAX, Sony, HBO and Vice Media.