You might not be a celebrity yourself, but if your law firm represents people who are in the news, hackers might have you in their sights. In the following guest post, KnowBe4 CEO Stu Sjouwerman explains the risk.
Avast offers a look at incidents in which celebrities have been the victim of social engineering attacks. The firm notes that while celebrities are higher profile targets, attackers use the same tactics against them that work against everyone else.
“Most of the time, celebrities get hacked the same ways anyone else does,” Avast says. “They use weak passwords, fall for social engineering tricks, or suffer from data leaks when larger organizations holding their data are breached.”
In some cases, however, celebrities are victims of attacks they have no control over, such as the breach of law firm Grubman Shire Meiselas & Sacks.
“Celebrity law firm Grubman Shire Meiselas & Sacks, which counts among its clients such A-listers as Madonna, Lil Nas X, Robert De Niro, and LeBron James, recently found itself on the receiving end of a massive hack,” Avast says. “In May 2020, the noted hacking collective REvil — also known as Sodinokibi and one of the world’s most dangerous hacking groups — claimed to have stolen over 750 GB of contracts, emails, NDAs, and other sensitive data. REvil (short for Ransomware Evil) initially demanded a ransom of $21 million, then doubled it. Refusing to pay, the law firm instead turned to the FBI for help.”
In this case, however, the stolen information fortunately wasn’t as sensitive as the hackers made it out to be.
The end of the year is a stressful time for everyone, but it’s especially stressful for lawyers and legal professionals. Closing out case matters, completing Q4 financials, shopping for presents, making holiday plans. There never seem to be enough hours in the day to get everything done. The key to easing your stress could be Micro Self-Care. What’s Micro Self-Care? Attend our annual wellness webinar – “What is Micro Self-Care and Why Do You need It?” – on December 14 and find out. The presenter, Michael Kahn, is a JD and licensed therapist who concentrates in treating lawyers struggling with stress, depression, substance use disorders, and other career issues. This free, one-hour webinar is the latest in Alta Pro’s ongoing series of cutting-edge legal education programs. Sign up here.
Avast offers the following advice if your accounts or devices are hacked:
- “Isolate the hacked device: Unplug any Ethernet cables and disable Wi-Fi on the hacked device. This will prevent any malware from spreading or sending data back to the hacker.
- “Change your passwords: Using an unhacked device, create long, hard-to-guess, and unique passwords for all your accounts and devices — we recommend using passphrases. Strong passwords will lock hackers out of your accounts and prevent them from using old passwords to log back in.
- “Report the hack and recover your accounts: Most online services, such as Gmail or Facebook, have specific procedures in place for reporting hacks. Follow these procedures for each hacked account to regain control.”
New-school security awareness training can enable your employees to follow security best practices so they can avoid falling for these attacks.
Source: KnowBe4 (reprinted with permission)
Celebrity Hacks and the Frenzy of Renown (knowbe4.com)
If you practice in Wisconsin, Texas, Minnesota, Ohio, Illinois, Indiana or Michigan, you can stay on top of ethics and risk management news by being a member of Alta Pro Lawyers RPG. You’ll get access to free webinars, the Pro Practice Playbook, Reminger ProLink, Ask the Risk Pro and more. Here’s how to join.
