Holman Webb Lawyers is one of many firms operating in Australia. We have about 60 lawyers and a strong and valued client base. One issue we see with increasing frequency relates to cyber breaches, invoice fraud, and wrongful data manipulation. We have seen multiple clients affected by this issue over the last 12 months - and we are one of hundreds of law firms in Australia in a very big industry - meaning that cyber incidents are extraordinarily common.
For that reason, we ask all our clients whether they have appropriate policies, procedures, and practices in place to minimise the chance of a cyber attack – and, equally important, to confidently manage the cyber attack if and when it occurs.
Who is being attacked?
It is important to understand that the profile of persons attacked is broad – we have acted for individuals who have had the deposits for their conveyancing transactions stolen, small real estate agents that have been attacked, start-up companies, not-for-profit organisations that have been the subject of invoice fraud, manufacturing clients subject to account manipulation and diversion of creditor funds, and large medical organisations. There have been many different methodologies used by malicious players to access account details, funds and data.
Just because you are a small enterprise does not mean you are not a target. You are.
How much is involved?
The money that has either been stolen or ransomed ranges from small invoice fraud of less than $10,000 to ransomware demands of over $10 million. That does not include the downtime and commercial and reputational risk accompanying such attacks, which can easily exceed $100,000.
Questions to ask of yourself
In light of the above, can you answer the following questions?
- Do you have an incident response plan?
- Do you have a team dedicated to dealing with the issue that arises immediately?
- Do you know how to communicate with the team when your system has been locked down?
- Do you have a data retention and recovery plan?
- Do you know what your insurance cover is and what you are protected from?
- Do you know whether you can recover data from other sources, and if so, how do you action that?
- Do you have protections in place to ensure that all patches are implemented immediately upon their release?
- Do you have a team dedicated to updating and checking systems, contracts, and obligations imposed upon you by third parties?
- Do you know if your suppliers are privacy compliant or have cyber protections?
- Are your staff trained to identify potential security risks, and is there a reporting mechanism within your organisation?
- Do you comply with the Essential Eight security measures?
If the answer is not a confident yes, you need to do something about it. In the case of cyber security, prevention is far better than cure. If an attack cannot be prevented, then dealing with it quickly, professionally, and in a structured and ordered way will go a long way to minimising the commercial and reputational impact.
While malicious attackers continually devise new and innovative ways to infiltrate your systems, and no policy or practice can entirely extinguish that risk, if you cannot answer these questions confidently, then we strongly recommend that you seek advice and implement all the policies and procedures that may be required to give you the confidence you need.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.