Law firms have become top targets for cybercriminals, according to our insurance carriers. While legal practices have long faced cyber threats, the tactics have evolved.
In the past, cybercrime largely aimed to steal financial data from individuals. Today, the risk has escalated: attackers are deploying malware to infiltrate law firm systems and extract sensitive legal information.
Why Cybercriminals Are Targeting Law Firms
Legal offices of all sizes are increasingly vulnerable to data breaches. Why? Because law firms store high volumes of confidential, high-value information and handle significant financial transactions.
Remote work and evolving tactics have only made it easier for attackers. The most effective cyber exploits aren’t necessarily new—they’re more refined.
Cybercrime is now considered the top threat to law firms. The American Bar Association reports that more attorneys are adopting security upgrades and cyber liability insurance to mitigate the risk.
According to Law360 Pulse, breaches at firms with under 50 attorneys more than doubled from 33 in 2020 to 68 in 2021. Of 116 total breaches that year, 106 were due to hacking, phishing, or malware.
A 2023 ABA report found that one in four lawyers experienced a computer security breach in the past year.
What Insurance Carriers Are Seeing
Our carrier partners confirm that law firm data breaches involve highly sensitive details—class action rosters, divorce settlements, and privileged communications—resulting in larger extortion demands than seen in other sectors.
Due to reputational and legal risks, firms are often more likely to pay ransoms than other types of businesses.
Notable Stats:
- One carrier reported that 6 of the largest ransomware claims last year (each over $5 million) came from professional service firms.
- Ransom demands against law firms can be 5x higher than the average demand across other industries.
- Professional services account for only 14% of U.S. businesses but over 25% of ransomware incidents.
- Small and mid-sized firms remain the most common victims due to weaker cybersecurity defenses.
Insurance Requirements Are Tightening
Cyber risk is driving insurance rate hikes—between 30% and 150% on average, with outliers as high as 500%.
As a result, underwriters are taking a much closer look at cybersecurity controls. Many now require Multi-Factor Authentication (MFA) on email, remote logins, and admin accounts. Without MFA, some firms are being denied coverage at renewal.
New policy provisions may also include:
- A minimum 20% ransomware coinsurance clause.
- Exclusions based on outdated or insufficient cybersecurity protocols.
To secure coverage and minimize exposure, firms should act now to implement security safeguards.
Cyber Insurance for Law Firms
Cyber insurance helps firms recover from the financial and operational impacts of cyberattacks. Coverage may include:
- Forensic investigation and breach response support
- Legal expenses and regulatory fines
- Client notification and credit monitoring services
- Access to public relations and crisis management experts
Because policy language varies, make sure your coverage isn’t weakened by common exclusions that limit claims.
FAQs About Cyber Attacks on Law Firms
What are the most common types of cyber attacks on law firms?
- Phishing emails: These emails attempt to trick recipients into clicking malicious links or downloading attachments that install malware.
- Ransomware: This type of malware encrypts a victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.
- Business Email Compromise (BEC): Attackers impersonate legitimate individuals or companies to trick employees into transferring funds or sending sensitive information.
- Data breaches: These occur when unauthorized individuals gain access to confidential data, such as client information or financial records.
Why are law firms targeted?
- They handle sensitive data: Law firms often hold large amounts of sensitive client information, such as financial records, intellectual property, and personal details.
- They are often perceived as having weak cybersecurity: Many law firms, especially smaller ones, may not have the resources or expertise to implement robust cybersecurity measures.
- They are often willing to pay ransoms: Because of the potential reputational and legal consequences of a data breach, law firms may be more likely to pay ransoms to cybercriminals than other businesses.
What are the consequences of a cyber attack on a law firm?
- Financial losses: Law firms may incur significant costs from a cyber attack, such as legal fees, data recovery costs, and ransom payments.
- Reputational damage: A cyber attack can damage a law firm’s reputation and lead to a loss of client trust.
- Regulatory fines: Law firms may be subject to fines and other penalties if they violate data privacy regulations.
- Disruption of business operations: A cyber attack can disrupt a law firm’s ability to operate, leading to lost productivity and revenue.
Take Action to Safeguard Your Legal Firm
Cybercriminals view law firms as high-reward targets due to their access to sensitive data and funds.
Cyber insurance helps mitigate damage from a breach, but it must be part of a larger cybersecurity strategy. Proper training, updated systems, and insurance protection work together to form a strong defense.
Article By Jamie Parry