DLA Swiper

What’s Going On Here?

The latest major cyberattack has taken law firm DLA Piper as its victim. 

 

What Does This Mean?

The hacking that took place last week is the latest in the epidemic of major ransomware attacks. These programs are holding the most valuable asset of the law firm hostage - the client’s sensitive information. The malicious software originated in DLA’s Spanish offices but ended up spreading between many of their computer networks internationally. Just like the NHS hacks that took place in May, this software asked the computer user to send $300 to the hackers for their data to be released. While DLA Piper were the only law firm to caught by the hackers, it also attacked WPP (a British Ad agency) and the Ukrainian Central Bank on the same day!

 

Why Should Firms Care?

The ironic thing about DLA Piper being caught in this latest storm is that this law firm has always placed a huge importance on cyber-security. On their site, they claim to have “vast experience” in the field. They even released an article teaching other companies how to protect themselves from attacks just a few weeks ago! This proves that no one can be 100% certain of their safety when technology is involved. 

In the meantime, it’s unclear what the hackers even really wanted. Experts say that their “relatively small” demand of $300 show that they’re not in it for the money and might just be trying to make a political statement. DLA Piper have since managed to get most of their systems in place already and are even working with the FBI to get to figure out who’s behind it all. It remains to be seen whether there will be a significant backlash from clients or whether someone in the firm will be held accountable. 

Michael Chissick of Fieldfisher said IT security is “a huge issue for all UK and international law firms, which are under pretty constant attack from cyber criminals”. In a time where law firms are relying more and more on technology, (with schools even giving lectures on the subject), should they take a step back until they can make sure of the client’s safety? Or has constant emailing become so deeply embedded into our way of doing things that we all just have to take on the risk of these attacks happening again?