Goodbye job applications, hello dream career
Seize control of your career and design the future you deserve with LW career

AusLaw remains prime target for cybercriminals

New research has shown the Australian legal sector was attacked by cybercriminals on three separate occasions between July and September 2019, heightening the need for greater protection.

user iconEmma Musgrave 27 November 2019 Big Law
Sydney CBD
expand image

Mimecast Limited’s quarterly Threat Intelligence Report: Risk and Resilience Insights analysed global attack activity from the last quarter.

When it comes to the Australian market, the data showed the nation was subject to high amounts of activity in the first two weeks of the quarter. Criminals leveraging ZIP files were the most common file type detected.

Breaking it down further, Mimecast revealed there were three attacks made on the Australian legal profession during the quarter.

The first, on 1 July, saw 787 threat detections, while 8 July saw 1,666 detections and 16 September saw 2,226 detections.

“Nearly all of the attacks used generic Trojanised ISO files through Andromeda, Noon, and Razy, and the attackers also sought to exploit CVE-2017-8570 and CVE-2017-11882,” Mimecast noted.

“The legal sector attacks are highly likely to have been organised criminal groups attempting to compromise their intended targets for monetary gain, given the access to significant funds which the sector is perceived to have.

“The legal sector also has access to highly sensitive, valuable client information.

“Despite these factors, none of the targeted campaigns lasted for more than a day, and the attack vectors employed did not appear to significantly vary or evolve in terms of their complexity.”

That being said, the report also encouraged vigilance when it comes to deploying resources to mitigate the attacks, noting that hackers are becoming increasingly smarter and more sophisticated in their approach.

“Overall, efforts to modify threats to evade detection within sandboxing [continue] swiftly, and some older forms of malware are being modified as extensively as newer forms to evade detection,” Mimecast said.

“Alongside this malicious software, threat actors’ impersonation efforts have continued to increase, with the inclusion of malicious voicemail messages in recent detections. The threat is evolving and more nuanced than ever before.

“Malware-centric campaigns are continuing quarter over quarter. These campaigns are increasingly sophisticated and continue to use a diverse range of malware during the different phases of an attack, which is clearly pronounced in analysis of the most persistent attacks spanning a period of several days.

“Subscription-based Malware-as-a-Service models also continue to increase the availability of simple attack methods to a wider audience, simultaneously keeping older, well-known malware in circulation. The use of fileless malware is also increasing, and criminals are putting greater efforts into the increased use of impersonation attacks against businesses.”

Emma Musgrave

Emma Musgrave

Emma Musgrave (née Ryan) is the managing editor, professional services at Momentum Media.

Emma has worked for Momentum Media since 2015, including five years spent as the editor of the company's legal brand - Lawyers Weekly. Throughout her time at Momentum, she has been responsible for breaking some of the biggest stories in corporate Australia. In addition, she has produced exclusive multimedia and event content related to the company's respective brands and audiences. 

Prior to joining Momentum Media, Emma worked in breakfast radio, delivering news to the Central West region of NSW, before taking on a radio journalist role at Southern Cross Austereo, based in Townsville, North Queensland.

She holds a Bachelor of Communications (Journalism) degree from Charles Sturt University. 

Email Emma on: This email address is being protected from spambots. You need JavaScript enabled to view it. 

Tags
You need to be a member to post comments. Become a member for free today!