Outrun the Bear: Law Firm Cybersecurity and the Insider Threat

by | Feb 4, 2016

Outrun the Bear Cybersecurity and the Insider Threat

It was a vendor that first identified the IT data breach at the Office of Personnel Management (OPM), according to Eric O’Neill, a former counterterrorism and counterintelligence operative.

The vendor had installed security software in order to demonstrate its value – and OPM would soon learn upwards of 22 million incidents of data theft.  The breach poses the risk of ID theft to federal employees, including the intelligence and military communities.

Mr. O’Neill’s comments came in the form a keynote speech at the 2015 LegalTech® conference titled, Cybersecurity and Data Espionage: Spy Stories for Lawyers.

For a time, corporate America only had to worry about the competition stealing business secrets. Today, a number of high-profile breaches in recent history show nation states are also a threat.  Worse, organizations, from government to corporations to law firms, while good at protecting threats from the outside, have room to grow against insider threats.

The First Digital Spy

Mr. O’Neill rose in prominence as the result of an insider threat. In 2001, he was part of an operation to catch Robert Hanson, “the worst spy in history,” he said.  Mr. Hanson stole and sold government secrets to the Soviets and later the Russians for 22 years.

Mr. Hanson was an insider.  Not just any insider, but a person of special trust and charged with preventing and identifying spies stealing secrets.  He was a spy charged with catching spies, an ideal position for covering up illicit activities.

He was, according to Mr. O’Neill, the first cyber spy.  Mr. Hanson exploited computer systems and stored the data on an early model personal digital device, or PDA.

Don’t miss these related insights on law firm cybersecurity:
Infographic: Cybersecurity Stats for Legal Tech
Why the ISO 27001:2013 Certification Matters to Law Firms
4 Certs Legal Should Ensure Managed Services Providers Have

Outrunning the Cybersecurity Bear

Today, the conventional Hollywood notion of a “hacker” is a myth: the disgruntled engineer typing and clicking their way into a hardened system from a basement location.  In contrast, “hackers are looking for the easy way in,” he said.

“Hacking is the normal evolution of espionage.”

Today, cybersecurity is a bit like avoiding being eaten by a bear, according to Mr. O’Neill.  You just have to run away faster than the other person.

To keep ahead, he offered a simple framework for security, which Legaltech News summarized in an article titled, Former FBI Operative Tells His ‘Spy Stories’ and the Biggest Issues in Security:

Compartmentalization: First, know where it is and where you keep it. Second, limit access to it, as not everybody has to have access to that info.

Diligence: “Don’t fall asleep behind the wheel,” O’Neill said. Actively use methods to know if information  is being accessed. For example, need to know what endpoints there are, and whitelist apps that have insufficient security.

Beware social media: O’Neill said that he “can’t say this enough.” This message is equally for young people and adults, but he stressed that those in attendance should tell young people to be more careful than they are being.

For law firms with additional ethical considerations, IT security can be overwhelming.

“A number of law firms have been so overwhelmed by the nature of the data security threat that they have essentially been paralyzed by the sheer scope of the problem,” according to Jeff Norris, CISSP and senior director of data security for LexisNexis Managed Technology Services.

It is “a reaction that is understandable considering they’re in the business of practicing law, not cybersecurity,” he said during an interview for a blog post titled, 6 Key Ingredients to a Law Firm Data Security Plan.

“You don’t have to outrun the bear, just the person you’re with,” Mr. Norris added in a conversation following this keynote session.  “Firms have to start putting plans in place, but those plans don’t need to be perfect or complete – just evolving based on risks. Action helps ‘un-paralyze’ and a path toward avoiding being, or becoming, a soft target.”

* * *

The operation designed to catch Mr. Hanson in the act might today be likened to social engineering.  A team distracted Mr. Hanson at work and Mr. O’Neill was able to retrieve data off that PDA without his knowledge, which provided actionable information for law enforcement to catch Mr. Hanson red-handed.

(click here or image for higher resolution)

Infographic Cybersecurity Stats and Facts for Inside and Outside Counsel-small

See our additional news and coverage stemming from LegalTech 2016:

Photo credit:  Flickr, Tambako The Jaguar, Polar bear in the sun (CC BY-ND 2.0)

    Contact Us

    To learn more or schedule a free demo of CounselLink, simply fill out the form below.

    First Name *

    Last Name *

    Work Phone *

    Work Email: *

    Company *

    Country *

    Zip Code * ( USA Only )

    Inquiry *

    LexisNexis, a division of RELX Inc. and our LexisNexis Legal & Professional affiliates may further contact you in your professional capacity about related products, services and events. You will be able to opt-out at any time via the unsubscribe link provided within our communications or manage your communication preferences via our Preference Center. For more information, see our Privacy Policy.