Why Law Firms are Vulnerable to a Cyberattack

Increased Cybercrime Threat to Law Firms

According to our insurance carriers, lawyers are now the top sector targeted by threat actors. Of course, law firms are no strangers to threats from cybercriminals, but the nature of this threat has changed over time. In the past, cybercrime was primarily an end-user problem, with hackers seeking to steal financial information. Today, the danger has shifted-instead of stealing data, criminals are using malware attacks on law firms to gain access to sensitive legal information.


Why Law Firms are Targeted by Hackers

Unfortunately, with cybercrime at an all-time high, law firms are increasingly at risk of suffering from hacking or data theft. While hackers can reach almost any company, law firms have particularly vulnerable information on their computers and devices that could be used to commit fraud against clients if it falls into the wrong hands.

Cybercrime isn’t only an issue for huge corporations with thousands of clients and employees; it can also be highly damaging to small-scale and mid-size organizations such as law firms. In fact, cybercrime has been labeled the number one threat to these businesses. The American Bar Association reports that lawyers are increasing their use of enhanced security measures and cyber liability insurance policies to safeguard against cyber threats.


Carriers Acknowledge Growing Risk

According to our carriers, threat actors are obtaining and leaking sensitive data, whether it’s class action lists, divorce settlements, or other vulnerable client information leading to extreme extortion demands far higher than in any other industry. Consequently, law firms are more inclined to pay ransom demands because of possible reputational and legal repercussions.

Law Firm Cyberattack Statistics:

  • According to one insurance carrier, the six most significant ransomware claims in the past 12 months all involved professional service firms, and all exceeded $5 million in costs.
  • Cybercriminals are widely known to be demanding more than five times the extortion demand from law firms than in any other industry.
  • Professional service firms make up only 14% of the businesses in the US but makeup over 25% of ransomware attacks.
  • The majority of ransomware attacks are on small and medium-sized firms due to inadequate security measures.


Importance of Safeguarding Your Firm

Ransomware threats are on the rise on so many fronts that it’s no surprise cyber insurance rates have increased too, reportedly between 30 to 150% on average and rare cases up to 500%.

So, in addition to tightening rate and capacity, underwriters are looking at how companies maintain their cybersecurity, with most insurance carriers requiring Multi-Factor Authentication (MFA) on all fronts; email, remote access, and privileged users. In some cases, insurance carriers are starting to deny renewal coverage to companies that don’t have MFA. In addition, some carriers are adding a minimum 20% ransomware coinsurance provision to their coverage proposals.

For this reason, we recommend you consider putting in place the proper safeguards to prevent a cyberattack. In addition to reducing the risk of cybercrime at your firm, it is also wise to ensure your firm has the right level of insurance protection.


Cyber Liability Insurance Protection

With cyber liability insurance coverage, cyber experts can respond rapidly to a data breach, including forensic experts, attorneys, breach response specialists, and credit monitoring companies. Cyber insurance protects corporate balance sheets from losses not typically covered by traditional insurance policies. In addition to first-party costs such as ransomware, forensic investigation, and notification, cyber insurance extends to third-party claims alleging unauthorized disclosure of personal and corporate information.


How to Secure Cyber Insurance

The cybersecurity liability insurance professionals at Mason-McBride will identify your firm’s cybersecurity risks and tailor a coverage plan that minimizes your risk exposure. Since we are an independent agency, we place our clients at the center of everything we do. As a law firm insurer, we are committed to providing you with outstanding coverage and education, support, and assistance in finding the right policy. 

For helpful tips on other popular topics, check out our articles on Cybercrime Targeting Small Businesses, Professional Liability Insurance, and Social Engineering.

By Jamie Parry

Skip to content