Reports have indicated that cyberattacks are now being aimed at large law firms in the hope of obtaining data that can be used for insider trading.
It has been reported in the US, that a number of law firms there have been targeted and a law firm in the UK has reported that a small data security breach occurred last year. The UK firm has said that it is not aware that the information accessed has been used in any way. Another target was a law firm in London that arranges insurance policies for cybersecurity for different industries.
Bogus emails are often sent to workers at the law firms, purporting to be from senior members of staff and encouraging junior staff to pass on information or to make random payments. These are often designed to look like a standard message so that they seem familiar to the workers and the worker is then more likely to respond.
In addition, some law firms are reporting that hackers have attempted to breach videoconference systems. Entire meetings can be eavesdropped this way, and all manner of data can be overheard. Experts have said that law firms are particularly vulnerable because much of the data that they hold is sensitive.
Insider trading hackers were arrested last year after obtaining data illegally, which allowed them to earn around £70 million. It is thought that the data they obtained came from a wire news service; however, it was intercepted before it was published.