A criminal with a file – the threat to their data that law firms are overlooking
by Greg Sim, Chief Executive Officer, Glasswall Solutions
Data protection is a big issue for the UK’s law firms who are guardians of some of the country’s most sensitive and sought-after commercial information.
Last year they were warned by the Information Commissioner’s Office (ICO) about the need to improve security, following a series of breaches.
Although these for the most part involved personal information, the consequences of failing to protect the data with which they are entrusted, are immeasurably serious for lawyers. The potential for a £500,000 penalty from the ICO is dwarfed by the far greater damage likely to be inflicted on their balance sheets as a result of losing their reputation for competence and regulatory compliance.
The advent of tightened legislation in the form of the European General Data Protection Regulation makes the question of data security all the more pressing. Set to come into force in 2017, the new law will impose increased penalties and fines on companies which fail to protect data adequately, or are subject to a breach.
Data criminals
There is no lack of incentive for criminals to breach a law firm’s security when it is likely to hold data about wealthy individuals, patents, trademarks, mergers and acquisitions or corporate tax affairs.
Of course, being professional and ethical the firms are fully aware of the high value of the information of which they are custodians. To protect it, they have invested in expensive perimeter security such as firewalls, web controls and email scanning.
But the threat doesn’t stop there. Commonly deployed perimeter technologies of this type can only deal with recognised threats and are unable to screen out the new forms of cyber-attacks that criminals are devising every day.
“Across the legal landscape there little information about the huge growth in security threats carried in email attachments,” says Janet Day, the former IT director at a major UK law firm with decades of experience. “Open and free exchange of documents is the lifeblood of the legal profession, but there needs to be a recognition that email attachments are the most dangerous point of vulnerability.”
Janet’s point is backed up by the facts. Across all businesses, some 94 per cent of successful cyber-attacks resulting in a data breach are now perpetrated in this way and the figure is growing every year.
The complex documents that lawyers and their colleagues routinely email back and forth hundreds of times each day are now one of the chief entry points for criminals seeking access to the treasure trove of sensitive information held by any law firm.
To counter this new scale and complexity of cyber-crime, everyone in the legal sector now needs a solution that is 100 per cent effective against all such file-based threats by allowing only completely clean versions of originals into a firm’s system.
The threat
At present these threats mostly take the form of highly targeted and sophisticated malicious exploits cleverly hidden inside PDFs, Word documents, Excel or PowerPoint files. They are not picked up by conventional perimeter security solutions, nor by sandboxes. In the majority of cases, sandboxes, which are designed as quarantine areas for testing of files, often only operate for a matter of minutes before passing a file as safe. Destructive or malicious exploits by contrast, are often designed to activate weeks or months after they have become embedded in a system.
Detecting files that hide malicious code is not easy, given that law firms routinely email thousands of complex documents in different formats to clients and third-parties using all kinds of systems and devices. Nonetheless, it is time the profession turned its focus towards a best practice solution that offers absolute security and that fully counters the threat from macros and all other malicious agents.
Leaving the bad outside
The technology is available to perform deep file analysis and real-time regeneration to produce a clean, sanitised and perfect copy of the legitimate document, free of any malicious content.
This technology gives protection against the most persistent and complex file-based threats by looking only for what is known to be “good” in the file type after it has been broken down to byte-level, regenerating it in precise compliance with the manufacturer’s standards. Not only will it keep all the malicious elements on the other side of the virtual glass wall, it will also restore files corrupted by excessive use by different parties.
This is a developed technology that is validated as 100 per cent effective in defeating file-based threats, giving an organisation an immense boost to its security. In addition it reduces the amount of time and money wasted on conventional approaches, by for example, removing the requirement for time-wasting sandboxes, which routinely generate more than 60 per cent of false positives. No longer is it necessary for IT staff to waste precious man-hours resolving which of these thousands of files is safe.
Taking back control
Importantly, security solutions need to put high-level decisions about security protocols back in the hands of those at corporate level, rather than at the discretion of staff members. It means an organisation like a large law firm is back in control, adjusting cyber security policy according to who needs to use which file-type.
At the same time, law firms need to be constantly acquiring actionable intelligence about the evolving nature and size of threats from the comparison of unknown and unstructured files against established standards. This is a major advantage when the volume of unstructured data being encountered daily in this industry is commonly far higher than any other.
Not least among the many benefits of this technology is its transparency. Law firms are increasingly required to demonstrate that they are compliant with best practice – not only to regulators, but to third parties. Banks in particular are already insisting on demonstrable compliance with cyber security standards in their dealings with their legal counterparts and this a trend that can only gather strength as the European regulation looms closer.
An urgent necessity
It is as well to remember that cyber security threats are not figments of someone’s imagination. A Freedom of Information request to the ICO last year revealed that it had investigated 173 law firms over 187 potential data breaches, of which 29 per cent related to security. In October, UK banks suffered £20 million in losses to cyber-generated breaches, while the cost to the country as a whole is annually put at £36 billion.
When the risks are so great and the threats so imminent, it does not require the greatest minds in the land to work out that a technology that provides active and absolute protection from file-based cyber threats should be installed as an urgent necessity when lawyers are sitting on vaults of incredibly sensitive and valuable information. Janet Day summarised that in her opinion “Glasswall’s solution will aid enormously those trying to avoid the issue, the potential impact in customer confidence and trust and the penalties involved by enforcing ‘Best Practice’ for all files entering or leaving the organisation.”