Australian legal services provider hit with cyber attack

Digital services firm Law In Order forced to halt much of its operations after the incident over the weekend

Australian legal services provider hit with cyber attack

An Australian supplier to the legal services industry has suffered a cyber security incident.

Law In Order says that the attack occurred over the weekend and, as a precaution, it limited access to segments of its network, which also halted much of its business operations.

The firm has brought in specialist cyber security investigators who are conducting a forensic investigation into the “scope and details of the incident” with a priority to restore systems safely and quickly.

Some of the Sydney-based business’s legal industry clients may have been impacted by the incident.

“We are assessing reports that a very small proportion of data on Law In Order’s servers has been exfiltrated and proactively advising customers who may be impacted,” the firm’s statement says.

Law In Order says that it is working with the Australian Federal Police and the Australian Cyber Security Centre (ACSC) and is committed to being open and transparent with clients.

Could it be ransomware?

Although Law In Order has not confirmed details of the security incident, an article from IT News speculates that it may have been the Netwalker ransomware which has been around since 2019 when it was known as Mailto.

Cyber security specialists at Mcafee noted in a blog in August 2020 that its research suggests that Netwalker “malware operators are targeting and attracting a broader range of technically advanced and enterprising criminal affiliates.”

In an interview reported by intel471.com, an alleged member of a cyber-criminal gang said that law firms were among the most desirable targets for attacks. He also said that victims typically pay ransoms rather than risk data being released online.

The threat to law firms globally remains elevated.

A recent article from the Law Society Gazette said that UK law firms had reported a 300% increase in phishing attacks during the first two months of lockdown alone. Almost two and a half million pounds of funds held by firms had been stolen in the first half of 2020.

Increased risk

This rise in cyber-criminal activity has also been seen in Australia.

Last week, ACSC head Abigail Bradshaw said that cyber security was become a bigger concern during the pandemic with “a sharp rise in email phishing, message scams and ransomware attacks targeting COVID-19 services and stimulus and welfare programs.”

“The cyber landscape has evolved,” she said. “It’s escalated and it’s expanded quite significantly. It is indisputable that the scale, frequency and sophistication of malicious cyber activity is on the rise.”

Bradshaw said that a collaborative effort was needed to protect Australian individuals and businesses from the risk.

Free newsletter

Subscribe to our FREE newsletter service and we’ll keep you up-to-date with the latest breaking news, cutting edge opinion, and expert analysis affecting both your business and the industry as whole.

Please enter your email address below and click on Sign Up for daily newsletters from Australasian Lawyer.

Recent articles & video

Cyber attack targets major firm – report

IP firm strengthens partnership with key hire in Brisbane

Barristers in England and Wales at a “breaking point” – survey

Law Council renews call to raise the minimum age of criminal responsibility

Law reform body recommends changes to SA law and practice

Veteran litigator boosts Simmons & Simmons Hong Kong disputes resolution team

Most Read Articles

Cyber attack targets major firm – report

NewLaw pioneer to lead KPMG Law's legal operations transformation services arm

Baker McKenzie advises US company on cross-border healthtech acquisition

Being a bookworm got this HFW senior associate into the courtroom