Given how much valuable and commercially sensitive information they hold, law firms are prime targets for cyber criminals. DLA Piper was hit by the highly destructive NotPetya malware in 2017, this incident knocked out telephony for two days and it took the firm four days to recover email services. The company was also forced to wipe its entire Windows environment and ‘start afresh’ paying 15,000 hours of IT overtime. If a multi-billion dollar law firm can have its defences breached, what chance is there for small and medium sized practices with significantly reduced IT security budgets?
Almost overnight home working it has become the norm for millions of non-essential workers. Following the lockdown announcement on March 23rd, business leaders immediately turned to IT to ‘pull the rabbit from the hat’ and roll out flexible working solutions to enable some resemblance of business as usual. Rolling out secure, remote working capabilities across an organisation (sometimes in a matter of a few days) is no mean feat. The task is made considerably more difficult for organisations with a complex IT infrastructure, entrusted to handle highly sensitive, client confidential information such as legal firms.
A global surge in VPN use was reported last month due to more and more people working from home amid the pandemic. A major concern for IT security teams is that each remote connection they authorise increases the attack surface available to hackers to exploit. The attack surface has the potential to increase rapidly when all staff are suddenly asked to work from home.
For the past 25 years or so, VPN technologies have been used to provide secure, remote access to critical IT infrastructure by encrypting traffic. Unfortunately, threat actors specifically target VPNs as they are a great way into networks. VPN connections typically offer ‘broad spectrum’ network access since they are configured for employees. Hackers often use them in the first stage of their attack to establish a foothold in a network.
After successful exploitation, attackers steal credentials, elevate their privileges, and move laterally across compromised networks to ensure persistence before installing ransomware or other malware payloads. (Microsoft, 2020).
VPN systems are actively targeted since they have just as many zero-day vulnerabilities as any other internet-connected server. With traditional VPN technologies it is therefore imperative that servers are kept up to date with the latest patches. Microsoft threat intelligence teams have seen multiple nation-state and cybercrime actors targeting unpatched VPN systems for many months. Attackers have also been observed using the updater features of VPN clients to deploy malware payloads. (Microsoft, 2020). Even the biggest chambers could get better at applying software patches however. A fifth of the top 200 UK law firms use services reliant on out of date software according to a report by Crowe published earlier this year.
In addition to the problems of viruses and malware infecting home PCs, the VPN connections that workers now rely upon are in themselves a weak point in the armour. To address this, we recently launched ‘Trusted VPN‘ a significant improvement on existing VPN technologies. It provides peace of mind to security professionals knowing that even un-patched VPNs can be trusted, our technology even protects against zero-day vulnerabilities.
CyberHive Trusted VPN technology ensures that the VPN itself is no longer a weak link. We’ve introduced a cryptographically secure audit trail for all VPN config and code which is independently verified by our patented ‘Trusted Cloud‘ security technology. Since the VPN software is regularly authenticated by a verification service, we can guarantee that it hasn’t been hacked or subjected to unwanted tampering by an insider. Trusted VPN technology offers unsurpassed security, it is trusted by central government departments in the UK.
To find out more about how CyberHive Trusted VPN can help your firm to elevate its cyber security stance click here or contact:
01635 881 880 | [email protected]
Almost every day we hear about new ways cyber criminals are exploiting the COVID-19 crisis. Phishing scams, social engineering tactics, fraudulent websites and ransomware are constantly evolving an...Find out more
It is now 21 months since the GDPR came into force. For the period 25/05/18 to 27/01/20, authorities within the EEA were notified of 160,921 personal data breaches. DLA Piper’s research also reveal...Find out more
IT decision makers at financial institutions were quick to see the advantages of moving to cloud-based platforms; the ability to provide unique types of services, to become agile and to lower opera...Find out more
Please fill in the details below to get a 2 week demo of
CyberHive's cloud platform technology