Technology has revolutionized how we conduct business generally for the better. But, despite the ease and convenience that modern technology offers, it also exposes companies to new security risks. Cyberattacks and security breaches could be devastating and can be devastating for firms in the field of law, which is why investment in security measures an absolute priority.
Security threats are always changing as hackers modify their tactics in an effort to discover new methods to gain access to sensitive information. The year 2019 has already witnessed several significant cybersecurity breaches and cyberattacks, which ought to serve as an alert for law firms that want to stay clear of similar incidents.
Texas Ransomware Attacks
In August, the 22 tiny Texas towns were hit by the ransomware threat in a coordinated manner. Hackers demanded digital payment from local authorities within the cities for the unlocking of computers. Authorities believe that the wave of attacks stemmed from one source. The Texas attacks were only the latest of a number of ransomware attacks targeted at local authorities, as well as similar events taking place in Baltimore and two Florida towns earlier in the year. The Federal government estimates that more than 4,000 ransomware-related attacks have occurred since January 1st of the year.
In July 2019, Louisiana Governor Bel Edwards declared a state-wide cybersecurity emergency due to a series of malware-related attacks targeted at schools. Three school districts experienced their computers hampered by cyberattacks, but officials were unable to provide a reason for the attacks. The cyberattacks affected schools located in Morehouse, Ouachita, and Sabine parishes. The episodes are the 2nd time over the space of two decades that the state declared an emergency due to cyberattacks. Colorado also said a crisis in March of 2018 following an attack on the Department of Transportation.
Facebook Password Breach
Security breaches that could be a threat don’t always involve hackers or cyberattacks. In March, Facebook admitted that it had kept many millions of passwords for users in plain text on Facebook’s internal servers, which enabled Facebook employees to look them up quickly. Facebook was reported to have noticed the possibility of a disaster when they conducted an annual security audit in January, despite the system being designed to protect passwords. The incident did not result in a breach. The incident, however, Ireland officials initiated an investigation to determine whether this incident was a violation of GDPR.
WhatsApp Spying Incident
In May 2019, the messaging company WhatsApp disclosed a security flaw that allowed hackers to remotely monitor users using security measures that were deemed to be government-approved. One of those affected was an advocate for human rights. Following the discovery of the flaw, WhatsApp encouraged its 1.5 billion users to download software updates that fix the issue. The hackers, who were named by media sources as Israeli-based NSO Group, figured out a way to exploit a flaw within the app to access messages of users and then install spyware by calling users’ accounts even if the users didn’t respond. This attack was notable due to the fact that attackers were able to circumvent the end-to-end encryption of WhatsApp, which is intended to block third parties from examining messages of users in the event that they get the news.
Labs Affected By Hacks on Vendors
Businesses must be vigilant about the security of their vendor’s systems and not just their own. In June 2019, Quest Diagnostics and LabCorp announced that American Medical Collection Agency, one of their billing collectors for customers, was breached, leading to the disclosure of more than 20 million of their customer’s personal information, which included bank account details, as well as Social Security number. Although the networks of both companies were not compromised, they’re currently subject to private lawsuits and investigations initiated by Illinois as well as Connecticut attorneys general in Connecticut and Illinois.
U.S. Customs Breach
The contractor-related breach also affected the U.S. government. In June 2019, U.S. Customs and Border Protection revealed it had uncovered that one of its contractors leaked an entire database of border traveler photographs after copying the photos onto its network without authorization. The breach affected less than 100,000 individuals who crossed into or out of the United States through certain routes at a single border crossing in one month and a half. They also exposed photographs of these travelers and those with license plates.
Exposure of Mortgage Records at First American
In May, First American Title Insurance Co., one of the nation’s biggest title insurance firms, revealed that it accidentally created over 885 million mortgage documents available to anyone with access to the internet. The breach exposed sensitive mortgage closing documents, which included Social Security numbers, bank account numbers, as well as driver’s license pictures. It’s unclear if cybercriminals actually used the security flaw to gain access to the sensitive information.
Companies aren’t alone in securing themselves from cyberattacks, but they could easily be avoided with proper tools and measures. Veritext Legal Solutions is known as a leading expert in litigation solutions that integrate modern security technologies. Veritext is aware of the dangers that law firms face, and we’re ready to help law firms defend themselves against these threats. Get in touch with our team today to find out more about the latest technologies that will help you protect your data’s security and avoid cyberattacks.