Originally published in the ACBA Lawyers Journal on July 25, 2025.
As cyber threats grow more sophisticated, no industry is immune, including the legal field.
On May 23rd, the FBI issued a warning specifically for law firms, alerting them that a cybercriminal group is targeting the legal industry. The group is using “IT-themed social engineering calls, and callback phishing emails, to gain remote access to systems or devices and steal sensitive data to extort the victims…the group has consistently targeted US-based law firms, likely due to the highly sensitive nature of legal industry data.”
Whether you’re a solo practitioner or part of a large firm, understanding threats like this and how to defend against them is essential to protecting your clients and your reputation. Increasingly, our technology systems aren’t the weakest link; we are!
The Most Common Cyber Threats Facing Firms
Law firms are prime targets for cyberattacks because they handle highly sensitive data, including client records, intellectual property, merger details, litigation strategies, and other confidential information. Here are the most common and highest-risk cybersecurity threats law firms face.
Phishing Attacks
Phishing remains the most prevalent form of cyberattack targeting law firms. These attacks employ deception—often through email, text, or phone calls—to trick recipients into clicking on malicious links, transferring funds, or sharing sensitive data.
Messages may appear to come from trusted sources, such as a firm partner or file-sharing services like DocuSign or Dropbox. These well-crafted communications use urgent language that pushes for immediate action, exploiting the fact that busy individuals under pressure tend to be less vigilant. The attempts are sophisticated enough to spoof email addresses and phone numbers, or even voice calls, in order to impersonate someone you trust.
Ransomware
Ransomware is a type of malware that takes your data or device hostage by locking down a device or encrypting files. Then it demands payment (usually in cryptocurrency) to unlock them. These attacks disrupt communications and access to case files, leading to downtime that firms can’t afford. They also impact client confidentiality, which can harm a firm’s reputation. Hackers understand that firms may pay the ransom quickly to avoid these immediate and critical risks. Even with payment, there is no guarantee that the data will be restored.
Insider Threats
Your firm’s biggest strength is its people. Unfortunately, when it comes to cybersecurity, they are also your biggest risk. They are both your first line of defense and your most common vulnerability. Employee actions, whether accidental or intentional, such as sharing passwords, falling for phishing scams, or using unsecured devices, can expose data or create vulnerabilities. Technology can only go so far to protect your firm’s security.
Passwords
Everyone knows they need strong passwords, but it’s easy to fall into the habit of relying on reused, weak, or easily guessable passwords that open the door to attackers. The reality is that one compromised password could allow access to email, file systems, and client communications.
Unsecured Remote Access
In an era of hybrid work, connected devices (such as phones, printers, and security cameras) can provide backdoor access to your network. Remote access has become increasingly common in recent years, but it is not always properly secured. Unpatched VPNs, unsecured Wi-Fi, or personal devices without encryption create potential opportunities for malicious actors.
Building a Strong Defense
Strong Network Security
Every time a new unsecured device connects to your network, you are putting your entire system at risk. Your firewall is your first line of defense, monitoring and blocking threats before they can cause damage. You want comprehensive protection, including both hardware and software firewalls. A hardware firewall separates devices from the Internet, while a software firewall protects individual devices.
Beyond your firewalls, you want to implement a multi-pronged approach that includes secure connections, reliable antivirus software, and encryption protocols.
Multi-Factor Authentication (MFA)
With the increase in data breaches, adding Multi-Factor Authentication (MFA) to a strong password adds an extra layer of security so only the right people can access your data. MFA requires users to provide two or more verification factors to gain access, such as a password and a unique code sent to their mobile device. MFA systems often offer several factor types: a passkey, a trusted device that’s not easily duplicated (like a phone or hardware key), or biometrics (like a fingerprint or face scan).
Antivirus and Anti-Malware Protection
Malware and viruses are two of the most common threats to businesses. They can enter through emails, downloads, or even legitimate-looking websites. That’s why reliable antivirus software on all devices is a must. Regular updates to these programs are crucial, ensuring protection against the latest threats. These updates, combined with firewalls and encryption, add multiple layers of defense.
Human Risk Management
Cybersecurity is not just a tech issue. It’s a people issue. No matter how good your technology is, it only takes one employee clicking on the wrong link, reusing a weak password, or sending sensitive info to the wrong person for a company to get hacked or suffer a data leak. Most breaches begin with human error, so your firm must develop a strong “security culture.”
Because your employees are both your first line of defense and your greatest risk, it is essential to keep cybersecurity at the forefront of their minds. This begins with effective security policies, so everyone understands the established protocols for protecting business data.
However, policies alone aren’t enough. Consistent and ongoing training is crucial for educating partners and staff on security basics, reinforcing best practices, and keeping them up to date on the latest vulnerabilities and threats. Additionally, you should incorporate cybersecurity training into your company’s onboarding process to make sure new employees are up to speed.
FSA recommends KnowBe4’s HRM+ platform. This innovative solution takes an approach similar to Pittsburgh’s own Duolingo: user-friendly, behavior-focused training delivered through engaging videos, quizzes, and simulated attacks—no more dry staff training sessions or sleep-inducing webinars.
KnowBe4 also understands the novel threats of each industry, so they tailor their training to the dangers facing the legal sector. They go beyond training by providing organizations with insights into who might be more vulnerable, based on behavioral patterns, and offer support to mitigate those risks.
Final Thoughts
Pittsburgh’s legal community is built on trust, confidentiality, and professionalism. In today’s threat landscape, cybersecurity is foundational. By understanding the threats and implementing robust defenses, your firm can safeguard its clients, reputation, and future.
If you’re not sure where to start, FSA Consulting is here to help. From infrastructure assessments to employee training and cloud configuration, we’re your local partner in cybersecurity defense.