Cyber Security

Cyber-crime is a growing risk to law firms of all sizes as lawyers and the legal profession increasingly become targets of cyber-criminals.

While many law firms may not appreciate it, they hold information about clients that may be valuable to cyber-criminals who can on-sell client personal or transactional information. The cyber-criminals can also lock down a firm’s information and ransom firms to have it released or manipulate the flow of information to have money paid to them.

Having strategies and practice management processes to raise awareness of and boost a firm’s cyber-security is important in protecting the firm’s clients and reputation as well as sound claims prevention.

There are a number of steps you can take to minimise the risk of becoming a victim of cyber-criminals.

Useful websites

Law Council of Australia – Cyber Precedent – strengthening the legal profession’s defence against online threats

Australian Cyber Security Centre

Australian Competition and Consumer Commission

Australia’s Cyber Security Strategy

Australian Attorney General’s Department | Cyber Security

26 April 2017

How to defend against cyber crime

Practitioners need to do more to keep the door locked. Virtually all law practices today are vulnerable to cyber attacks which have the potential to disrupt delivery of legal services and compromise the security of clients’ confidential information. All staff need to understand how cyber attacks commonly occur and firms need to implement appropriate risk […]

27 March 2017

In Check Issue 74 | March 2017

What is new on LPLC’s website? Cyber security page We have a new risk management page dedicated to cyber security issues and a rolling banner on our website home page that will take you straight to the cyber security page. Building and construction practice area page We also have a new risk management practice area […]

7 December 2016

In Check Issue 73 | December 2016

Cyber risk awareness for lawyers and clients We regularly hear stories from law firms about cyber risk issues they are experiencing and to assist in managing this ever increasing, more sophisticated and ongoing threat we recently published a bulletin and checklist on the subject. The bulletin explains how easy it is to be caught out […]

31 March 2016

In Check Issue 70 | March 2016

Cyber-crime – how alert are you? Lawyers and the legal profession are increasingly becoming targets of cyber-crime and while many law firms may not appreciate it, they hold information about clients that may be valuable to cyber-criminals. The cyber-criminals can on-sell client personal or transactional information. They can also lock down a firm’s information and […]

1 March 2016

Don’t fall for fakes

Practitioners need to be wary of increasingly sophisticated scams. The LPLC is often asked if scams targeted at legal practitioners have resulted in claims. Unfortunately, the answer is yes. Most practitioners will be familiar with advance fee fraud or so-called Nigerian scams, involving an unsolicited invitation to pay money in advance to assist another party […]

19 October 2016

Cyber security cautionary tale

Introduction Cyber security needs to be at the forefront of everyone’s mind, whether you are in a small firm or a large firm. The recent experience of a Victorian law firm is a good example of how easy it is to be caught out. The realistic email A principal of one of our insured firms […]

28 April 2017

Time to prepare for mandatory notification of data breaches

The Privacy Amendment (Notifiable Data Breaches) Bill 2016 (Cwlth) was passed on 13 February 2017 and will come into effect within 12 months. It amends the Privacy Act 1988 (Cwlth) (Act) by introducing a scheme for mandatory notification of data breaches. The provisions apply to public and private organisations regulated by the Act, which include […]

10 February 2017

New cyber security resource for practitioners

Cyber-crime is a growing risk to law firms of all sizes as lawyers and the legal profession increasingly become targets of cyber-criminals. In response to this threat, the Law Council of Australia recently launched its Cyber Precedent information campaign. The website contains a number of resources to help practitioners combat cyber-risk, including: a summary of […]

12 February 2016

Practitioners need to take fraud risk seriously

Scams against lawyers are becoming more and more varied and sophisticated as a recent ‘vishing’ scam in the UK shows. The term ‘vishing’ has been coined to refer to the use of voice technology, often telephones, to trick someone into revealing information.  It is a close cousin to ‘phishing’ which is the use of false […]

23 October 2015

Client identification policy protects you and your client

Since the introduction of the ARNECC identity requirements for electronic conveyancing and s.87A of the Transfer of Land Act 1958 (Vic) (TLA) for mortgagees to identify mortgagors LPLC has received a number of enquiries from practitioners asking whether they need to identify every client. The answer is yes. There has always been an obligation imposed […]

22 May 2015

Verify that email really is from your client

Verifying the email law firms receive are really from their clients is an important cyber fraud risk managing strategy, especially as cyber-crime in its various guises is becoming more prevalent and sophisticated. In a recent New Zealand incident a lawyer received instructions from a client’s email account that had been hacked. The practitioner, who was […]

19 October 2016

Key Risk Checklist: Cyber Security

It is essential that firms take steps to prevent cyber-crime as practitioners are increasingly at risk of cyber-attacks. This is a list of the things firms need to do to at least lock the door on cyber-crime. ☐  Ensure staff have regular training on cyber security and fraud prevention including: risks associated with clicking on […]