Australian legal services provider recieves cyberattack

An Australian supplier to the legal services industry has suffered a cybersecurity incident.

Law in order says the attack occurred over the weekend and, as a precaution, it limited access to segments of its network, which also halted much of its business operations.

The firm has brought in specialist cybersecurity investigators who are conducting a forensic investigation into the “scope and details of the incident” with a priority to revive systems safely and quickly.

Some of the Sydney-based business’s legal industry clients may are impacted by the incident.

“We’re assessing reports that a really small proportion of data on Law In Order’s servers has been exfiltrated and proactively advising customers who may be impacted,” the firm’s statement says.

Law in order says it's working with the Australian Federal Police and therefore the Australian Cyber Security Centre (ACSC) and is committed to being open and transparent with clients.

Although Law in order has not confirmed details of the security incident, an article from IT News speculates that it may have been the Netwalker ransomware, which has been around since 2019 when it had been referred to as Mailto.

Cybersecurity specialists at Mcafee noted during a blog in August 2020 that its research suggests that Netwalker “malware operators are targeting and attracting a broader range of technically advanced and enterprising criminal affiliates.”

In an interview reported by intel471.com, an alleged member of a cyber-criminal gang said that law firms were among the foremost desirable targets for attacks. He also said that victims typically pay ransoms instead of risk data being released online.

The threat to law firms globally remains elevated.

A recent article from the Law Society Gazette said that UK law firms had reported a 300% increase in phishing attacks during the primary two months of lockdown alone. Almost two and a half million pounds of funds held by firms had been stolen within the half of 2020.

This rise in cybercriminal activity has also been seen in Australia.

Last week, ACSC head Abigail Bradshaw said cybersecurity has become a much bigger concern during the pandemic with “a sharp rise in email phishing, message scams and ransomware attacks targeting COVID-19 services and stimulus and welfare programs.”

“The cyber landscape has evolved,” she said. “It has escalated and expanded quite significantly. it's indisputable that the size, frequency and class of malicious cyber activity is on the increase .”

Bradshaw said a collaborative effort was needed to guard Australian individuals and businesses against the attcks.