In an era where digital information is increasingly becoming the lifeblood of organizations, the legal industry is no exception. Law firms, with their vast repositories of sensitive client and corporate data, are becoming lucrative targets for cybercriminals. The recent cyberattack on HWL Ebsworth, one of Australia’s leading law firms, underscores this growing threat.

On April 28, 2023, HWL Ebsworth fell victim to a ransomware attack orchestrated by the Russian-linked ALPHV/BlackCat ransomware group. On May 8, 2023, HWL Ebsworth communicated the incident to the Office of the Australian Information Commissioner (OAIC) – possibly a worrisome notification, since the OAIC is also a client of the firm. 

The firm initially learned about the attack through emails that were assumed to be spam. The attack resulted in the theft of client information and employee data. The hackers issued a ransom demand of $4.6M in bitcoin. They later published 1.1TB of the data they claimed to have stolen, which was later established to be 3.6TB worth of data.

The Impact

The cyberattack on HWL Ebsworth had far-reaching implications. It affected 65 Australian government departments and agencies that were clients of the firm. The national cybersecurity coordinator, Air Marshal Darren Goldie, revealed that some people and clients with personal information exposed in the hack have yet to be informed.

In response to the attack, HWL Ebsworth engaged McGrathNicol to investigate the incident and undertake containment and remediation actions. HWL Ebsworth has dedicated more than 5,000 hours and a quarter of a million dollars to combatting the hacking incident. After 16 weeks of support, the Australian government’s formal coordinated response to the incident ended, with HWL Ebsworth now able to manage its response without formal assistance from the Australian government.

A Growing Threat to the Legal Industry

The HWL Ebsworth incident is a stark reminder of the growing cyber threats facing the legal industry. Law firms handle vast amounts of sensitive client and corporate data, making them attractive targets for cybercriminals. Furthermore, many law firms are still using outdated IT systems and are slow to adopt cybersecurity policies, making them easy targets for hackers.

Basic security measures like using up-to-date security software, using current versions of operating systems and software, promptly applying patches to the operating system and all application software, employing effective backup, and training of attorneys and staff, can help protect against these kinds of threats. As the threat landscape continues to evolve, the legal industry must stay one step ahead to safeguard its data and maintain the trust of its clients.