After last month’s WannaCry ransomware attack infected thousands of businesses and individuals across the globe, law firms were identified as likely targets of future, similar attacks. On Tuesday, multinational firm DLA Piper became the latest victim of a major cyber hack.
The Petrwrap/Petya attack, which was found to have originated in the firm’s office in Spain, caused DLA’s network and phone system to be shut down. Employees were instructed to turn off their computers and to unplug their laptops from the network as a precaution. During the shutdown, a DLA Piper spokesperson said in a statement: “The firm, like many other reported companies, has experienced issues with some of its systems due to suspected malware. We are taking steps to remedy the issue as quickly as possible.” DLA worked with external forensic experts, including the FBI and UK National Crime Agency, to get its systems back online and recover from the attack. Nonetheless, the firm’s lawyers were without access to company phones and email due to the lockdown.
In addition to DLA Piper, other large companies were hit, including Russian oil producer Rosneft and Danish shipping company Maersk. Though first reported in the Ukraine, where the most severe damage has been sustained, the virus quickly spread to the United States and Europe. United States-based pharmaceutical company Merck was also infected. DLA Piper has experienced effects of the attack in its offices globally.
While DLA Piper is the only law firm that has been reportedly attacked by the Petrwrap/Petya ransomware thus far, experts have indicated that law firms, generally, are attractive targets for hackers, as they maintain an abundance of highly-sensitive client information on their systems. Many smaller firms are vulnerable and easily exploited because they do not have the infrastructure to protect themselves against cyber threats. Yet, as can be seen, these increasingly pervasive attacks can cripple even the most prepared companies. In fact, DLA Piper, a firm with a global cybersecurity team, published an article in the wake of the WannaCry, titled “9 Things You Should Know to Protect Your Company from the Next Attack.”
Details about the Petrwrap/Petya ransomware, including how it is spread, are still being investigated. Researchers have reported that it is both similar to and different from WannaCry in various ways. Needless to say, in the face of another widespread attack, it is more important than ever for law firms to be vigilant against cyber threats.