The firm announced on Thursday that it is in a “restoration phase”
Seyfarth Shaw was targeted in what the firm said was a “sophisticated and aggressive” malware attack.
The attack occurred 10 October, a Saturday, and appeared “to be ransomware,” the firm said. Seyfarth Shaw’s monitoring systems detected unauthorised activity, and while the firm’s IT team acted quickly to contain the attack, many of the firm’s systems were encrypted in the process. As a precautionary measure, the firm shut down the affected systems.
“We understand that a number of other entities were simultaneously hit with this same attack,” the firm said.
Seyfarth Shaw said that it was coordinating with the FBI, and there was no evidence that client or firm data were accessed or removed in the attack as of Thursday. The firm said that it was in the “restoration phase,” and announced that its email system was fully back online.
“Based on the progress we have made so far, we expect to have full restoration of all of our critical systems by early next week,” Seyfarth Shaw said on Thursday.
Former BigLaw CIO Frank Gillman, who is now with consulting firm Vertex Advisors, said in a statement published by Law360 that law firms’ “attack surface” has been extended as a result of remote work setups implemented due to COVID-19 restrictions.
“It's a daunting task for any business to protect itself from cyber threats, and partially that's because the…biggest cyber threat[s] are people,” Gillman said. “The possibilities for attacks are multiplied ad infinitum by having everyone use all these different devices.”
North American cyber insurance provider Coalition revealed in a September report that 41% of claims paid out in the first six months of 2020 were in relation to ransomware attacks. The report also indicated that ransomware attacks against Coalition’s policyholders increased in frequency by 260% during this period.
Gillman said that firms should adopt the “principle of least privilege,” granting only minimal necessary access for routine, authorised activities.
“I would urge every firm out there to double or triple their previous efforts towards cyber risk mitigation,” he said.
In addition, Ward Insurance’s Oregon-based executive risk practice leader Anne Hasenstab told Law360 that she has observed a rise in the number of insurance claims filed by law firms since remote work setups were implemented. And it’s not just BigLaw firms that need to watch out – small and midsized firms have been victimised as well.
“The shift is, it's less about the quantity and more about the quality of the data, so it's more about what's important to you that they can then exploit and then get money from you,” Hasenstab said.
She suggested that all firms should introduce multifactor authentication for crucial information and incorporate cybersecurity into their risk management portfolios to guard against cyberattacks.