Lawyers should know how to protect information belonging to their firms and their clients, right? Well, perhaps they can do a better job, according to The Wall Street Journal. Indeed, it's now more important than ever for lawyers' cybersecurity skills to get up to speed.
According to the article, hackers intent on insider trading may target attorneys who handle merger and acquisition transactions. They could put links in text messages that, when clicked on smartphones, activate malware that could log keystrokes and record phone conversations.
As a result, lawyers who rely on mobile devices (practically all lawyers these days) need to take precautions such as encrypting messages and not using Wi-Fi connections, which can be vulnerable to information compromises.
In addition, at least one Los Angeles law firm received emails that indicated that they were from law firm members, The Journal reports. However, they actually were Trojan emails that were intended to lift data from the firm’s computers. The emails were traced to servers in China.
Cyberattacks against law firms are apparently on the rise, putting lawyers’ cybersecurity at risk. It is not entirely clear how pervasive the problem is, as law firms are reluctant to publicly reveal when they’ve been hacked. Nevertheless, the concern in this area is real. Attorneys are charged with the responsibility of protecting as sacrosanct the privileged and confidential information of their clients. They therefore need to be sensitive to cybersecurity risks that concern not only their firms, but also their clients.
Perhaps not surprisingly, some bar associations are encouraging attorneys to take appropriate technological steps to protect client information as part of their ethical duties. And the ABA may come to the table soon as to whether a lawyer’s cybersecurity obligations should be incorporated into the model rules of professional conduct.