Worldwide ransomware attack on law firm DLA Piper Puts law firms and clients on red alert

By now, every managing partner has heard the warning: Law firms and their clients’ sensitive information are a treasure trove for hackers. But the ransomware attack Tuesday on DLA Piper sounded a different type of alarm for Big Law.
 
The world’s biggest firms are just as prone to ransomware attacks as any other company, and the potential ramifications of a network-crippling malware infection are wide-ranging for a service industry that holds the legal fate of corporations in its palm.
Consider litigators unable to access motions on a deadline. Trial lawyers preparing for arguments without key documents. Transactional lawyers unable to communicate with clients attempting to close multibillion-dollar deals.
 
And of course, anxious and possibly angry clients. 
 
“The domino effect of doing something like this to a law firm permeates so many different parts of business,” said John Sweeney, president of LogicForce, a startup cybersecurity consulting firm. “Suffice it to say, it’s going to touch hundreds if not thousands of different points of business, and not only in the U.S. It’s a nightmare, there’s no doubt about it.”
 
Phone lines at DLA Piper were down Tuesday across Europe and the U.S. According to media reports and a photo tweeted by Politico reporter Eric Geller in Washington, D.C., employees were instructed not to turn on their computers and to unplug their laptops from the network.
 
“All network services are down,” a whiteboard read in what appeared to be the firm’s Washington lobby.
 
A DLA Piper spokesman confirmed the firm had been the target of a possible malware attack that had affected a large number of organizations across the globe Tuesday, including pharmaceutical giant Merck & Co. Inc.
 
“The firm, like many other reported companies, has experienced issues with some of its systems due to suspected malware,” said DLA Piper’s statement. “We are taking steps to remedy the issue as quickly as possible.”
 
In a subsequent statement on the matter, DLA Piper said that on June 27 its “advanced-warning system detected suspicious activity on our network, which, based on our investigation to date, appears to be related to the global cyber event known as 'Petya.' Our IT team acted quickly to prevent the spread of the suspected malmare and to protect our systems.”
 
DLA Piper said its investigation and remediation efforts coincided with the firm working closely with forensic experts and law enforcement authorities, including the FBI and the U.K.'s National Crime Agency. "We are working to bring our systems safely back online," the firm said.
 
Much like the WannaCry ransomware attack that spread throughout the globe in mid-May, the new round of attacks reportedly requests a payment of $300 in Bitcoin in order to obtain a “decryption code” that may unlock an organization’s files.
 
While security experts were still scrambling Tuesday to determine the extent of the encryption or any other damage levied by the newest batch of ransomware, at least 27 organizations appeared to have paid the ransom as of early Tuesday, according to a blockchain transaction record.
 
A study released Tuesday by LogicForce shows the ubiquitous risk of hacking for law firms. The company surveyed more than 200 firms and found that all had been subjected to hacking attempts, while 40 percent of those attempts were successful. What’s more, the 40 percent of firms who had been hacked were unaware of it, according to the report. Sweeney said DLA Piper was not included in his company’s survey.
 
In response to being hit by ransomware, Sweeney said firms should perform a detailed investigation of their systems involving forensics professionals to determine how the ransomware attack entered their network. Part of that investigation should including attempting to mitigate any more damage that could occur.
 
The best-case scenario in some ransomware attacks would be having an incident response plan in place that involves an off-site server back-up that could potentially restore the systems’ computers, said Robert Rosenzweig, another cybersecurity expert and national leader of the cyber practice at insurance brokerage Risk Strategies Co.
 
LogicForce’s Sweeney commended DLA Piper for issuing a public statement about the ransomware attack, something few law firms have done or been forced to do.
 
“Can they circumvent whatever’s been done to their systems and get back online? I don’t know. That would be the best option,” Sweeney said.
 
One bit of fallout from the attack may be a renewed interest from law firms in purchasing cybersecurity insurance. The LogicForce survey states that 23 percent of firms polled had cybersecurity insurance policies. Those policies will pay for direct expenses associated with a hack, such as the cost of the ransom; hiring forensic investigators; and bringing on a legal team to advise the firm of its potential risk.
 
For damage done to clients as a result of a firm losing its ability to service them or their confidential data getting into the wrong hands, it is possible a firm would have coverage under a more traditional legal malpractice insurance policy, Rosenzweig said. He said a “business interruption” component in a cybersecurity policy may also provide some relief, but added that a loss of a law firm’s ability to service its clients due to a cyber breach could have long-tailed repercussions.
 
“The risk and the potential for a complex and expensive loss is a lot more significant,” Rosenzweig said.
 
The increased risk of ransomware attacks may also cause more law firm clients to perform cybersecurity audits as part of their hiring process, said LogicForce’s Sweeney. His firm’s report states that 34 percent of firms reported undergoing a cyber audit from a client, and LogicForce expects that number to grow to 65 percent by 2018.
 
“More and more clients are demanding these audits,” Sweeney said. “And quite frankly we’re seeing some law firms losing business because they can’t comply with the audit.”
 
Source: American Lawyer
 
 
Advocatenkantoor DLA Piper ten prooi gevallen aan wereldwijde cyberaanval met ransomware
 
DLA Piper is wereldwijd geraakt door de grote cyberaanval met ransomware van dinsdag. Binnen alle DLA Piper-kantoren zijn e-mail- en telefoonsystemen uit voorzorg platgelegd; ook de kantoren in Amsterdam en Brussel zijn woensdag telefonisch nog onbereikbaar.
 
Het advocatenkantoor, een van de grootste ter wereld én in het bezit van een cybersecurity praktijk, bevestigt de problemen en werkt in een eigen onderzoek onder meer samen met de FBI.
 
Volgens berichtgeving van Legal Week kampte DLA Piper in de VS een groot deel van dinsdag met de gevolgen van de cyberaanval. Partners zouden instructies hebben gehad om – niet besmette – computers onmiddellijk uit te zetten. Diverse IT-systemen zijn uit voorzorg uitgeschakeld, waaronder de web portal waarmee toegang kan worden verkregen tot vertrouwelijke informatie. De problemen lijken te zijn ontstaan vanuit de Spaanse DLA Piper-vestiging in Madrid, aldus Above the Law. 
 
In een kort statement stelde DLA Piper dinsdag dat er stappen zijn gezet om de problemen zo snel mogelijk op te lossen: ‘The firm, like many other reported companies, has experienced issues with some of its systems due to suspected malware. We are taking steps to remedy the issue as quickly as possible.’ Ironisch genoeg publiceerde het kantoor begin juni nog een bericht op de eigen website, in reactie op de WannaCry-aanval van mei: 'WannaCry ransomware attack was just the tip of the iceberg: 9 things you should know to protect your company from the next attack.
 
Door de cyberaanval met zogenoemde Petya-ransomware van dinsdag zijn diverse multinationals wereldwijd lamgelegd. Ook de Rotterdamse haven is getroffen door de hack. Een besmette computer toont een boodschap waarin staat dat de machine gegijzeld is en pas ontgrendeld wordt bij betaling van bitcoins ter waarde van 300 dollar.
 
Afgelopen mei hield de ransomware aanval genaamd WannaCry nog wereldwijd huis: honderden bedrijven hadden last van deze aanval. Volgens sommige experts is het al langer de vraag wanneer een groot advocatenkantoor getroffen zou worden door een dergelijke cyberaanval: zo waarschuwde softwarebedrijf Files42 vorig jaar al dat bijna een derde van de Nederlandse Top 50 kantoren niet bestand zou zijn tegen cyberaanvallen.
 
Update 28 juni, 13.30 uur: DLA Piper heeft woensdag 28 juni een nieuw statement gepubliceerd op de kantoorwebsite: 'Op 27 juni 2017 detecteerde ons waarschuwingssysteem verdachte activiteiten binnen ons netwerk. Onderzoek tot nog toe wijst uit dat deze activiteit gerelateerd is aan de wereldwijde aanval met Petya-ransomware. Ons IT-team heeft snel gehandeld om verdere besmetting door de malware te voorkomen en onze systemen te beschermen. We zijn onmiddellijk een onderzoek gestart en werken hiervoor onder meer samen met de FBI en de UK National Crime Agency. We werken er hard aan om onze systemen weer veilig terug online te krijgen’.

Lawyer Roeland Zwanikken considers legal action against ABN AMRO Bank

THE HAGUE--Attorney-at-law Roeland Zwanikken at St. Maarten’s BZSE law office is considering legal action against the intention of the Dutch ABN AMRO Bank to close the bank accounts of its clients in the Dutch Caribbean.

Fiscaal onderzoek bij notariskantoren vinden doorgang

In het Antilliaans Dagblad: Fiscaal onderzoek bij notariskantoren
WILLEMSTAD – De fiscale onderzoeken bij de notarissen vonden en vinden, ondanks de beperkingen van Covid-19, weer doorgang en de medewerking aan de kant van notarissen en adviseurs is daarbij ‘over het algemeen goed’.

Juridische miljoenenstrijd tussen BNP Paribas en Italiaanse prinses verhardt

  • Bezit van Italiaanse Crociani-familie op Curaçao mag van rechter worden verkocht
  • De Crociani's ruziën al jaren met BNP Paribas over een claim van $100 mln
  • Curaçaos trustkantoor United Trust heeft 'geen enkele relatie meer' met Camilla Crociani
Een Italiaanse prinses met zakelijke belangen in Nederland heeft het onderspit gedolven bij diverse rechtbanken in een langslepend conflict met zakenbank BNP Paribas.