Cybersecurity in Law Firms Report Spotlights Increase in Phishing Threats

Written by:
Lore Apostol
Cybersecurity Writer

Law firms face significant cybersecurity challenges, with a rise in phishing threats. Notably, 50% of respondents to a new report cited phishing as their top concern, surpassing ransomware for the first time.

The newly published Fenix24 and ILTA "Security at Issue" report underscores the prevalence of evolving threats and inadequate recovery preparations.

Key Threats and Vulnerabilities  

The findings indicate a shift toward human-operated attacks that leverage sophisticated methods to bypass traditional defenses. Persistent access methods and lateral movement across compromised systems are increasingly common, yet many firms fail to address critical vulnerabilities.  

Law firm vision regarding cybersecurity | Source: Fenix24 & ILTA

Alarmingly, only 50% of firms reported deploying immutable backups—a critical safeguard against data loss during ransomware attacks, with only a third acknowledging it as one of their top three security control approaches.

Even more concerning is that multi-factor authentication (MFA) is used by only 18% for production storage and 37% for backup storage systems, which leaves sensitive client data susceptible to unauthorized access. 

John Anthony Smith, co-founder and CSO of Fenix24, offered insights for TechNadu. He mentioned that law firms face significant cybersecurity challenges due to poorly trained IT help desks, overly accommodating support practices, and inadequate system restrictions. Lawyers, especially partners, often resist complex security measures, leaving firms vulnerable to advanced phishing, social engineering, and credential theft, he added. 

Smith also highlighted that outsourced help desks exacerbate the issue by being more susceptible to manipulation, as seen in high-profile breaches, such as that involving Clorox and Cognizant. 

Commonly abused tools like remote support and file-sharing applications remain unmonitored, enabling rapid data exfiltration, Smith added. 

Recommendations for Law Firms  

The Fenix24 and ILTA report stresses the importance of proactive measures, including:

Broader Implications  

Only 38% of law firms described their security posture as “very secure,” down from 50% in 2023, highlighting declining confidence despite growing security awareness. 

Fenix24 and ILTA emphasize that attaining recovery readiness is no longer optional—quick restoration capabilities are essential to maintain operational continuity and client trust.  

“As threat actors shift to more targeted and human-led attacks, the legal industry must move beyond just compliance,” said Corey Simpson, Chief Operating Officer at ILTA.

With reputational damage and sensitive data loss at stake, Smith recommends that law firms prioritize secure identity verification, robust training, and stricter system controls to mitigate these risks.

