News flash – The Federal Bureau of Investigation’s Washington field office is investigating a series of alleged infiltrations of prominent U.S. law firms by Chinese hackers, the New York Times reported on Tuesday (Oct. 7), citing two people briefed on the matter.
Hackers like law firms
As a lawyer, you solve problems, influence decisions, and defend the rights of individuals and companies. All-in-all, it’s about helping people and organizations when they need it.
Well, unfortunately, now it's your turn to receive help. Cybersecurity expertise isn't part of a lawyer's skill set, and you may already believe you're protected. After all, your IT provider or MSP says you are. But most IT providers equate good maintenance (patching, backups, uptime) with good protection, and that's a dangerous assumption in a world where attackers exploit the smallest blind spot. You may also ask: why would hackers be interested in my small or medium-sized firm anyway? Are we "prominent"?
The simple answer is – yes, they want you. Hackers, Chinese or otherwise, have expanded their efforts beyond huge enterprises, and there are several reasons why they’d want to root around in your systems:
– Good old ransomware. Your firm, your attorneys, and, more importantly, your high net-worth clients are all targets: files are encrypted and held hostage until a payment is made.
– Intellectual property and other goodies. IP, sensitive financial data, M&A deals, “insider” information, criminal defense plans, and all types of privileged communications will be there for the taking.
– You’re a link in the chain. By getting into your system, it’s easier for the hackers to get into the systems you network with, including clients of all sizes, financial institutions, government agencies, third-party portals and more.
– Sit and wait. Hackers often play the "long game." Once inside, they won't do their damage right away; they quietly maintain access and collect what they can. So, even if you still think you're not a target because you're small or medium sized, what about two or three years from now?
Make hackers hate you
Today, most law firms spend the bulk of their cybersecurity budget on endpoint security alone: monitoring laptops, servers and phones for anything suspicious and raising an alert for someone to act on. One layer. One approach. In today's environment, that one layer is just not enough anymore.
The firms that stay secure use a multi-layered defense that combines proactive and reactive measures working together. Here’s what that looks like in practice:
– Continuous external vulnerability scanning of your internet-facing systems to identify gaps before attackers do.
– Dark web monitoring to catch exposed credentials and data leaks before they're used against you.
– Regular attack simulations (penetration tests) to test defenses and find weak points.
– Employee training through realistic phishing simulations to ensure your team recognizes and stops attacks in progress.
Think about national security. You wouldn’t defend our country with just the Army. You need the Air Force, Navy, Marines, Coast Guard—all working together. That’s how resilient cybersecurity works.
That’s also how Guardian works. Our proactive (“red”) and reactive (“blue”) teams work together as one defense to hunt threats, identify gaps, and stop breaches before they start. We don’t replace your IT provider or MSP agreement; we work alongside them to provide what they can’t.
Why? Because cybersecurity is a hard, ever-changing environment. Anyone who tells you it's simple, or that they already have you covered with their one approach, doesn't understand today's high-level threat landscape.
We do understand – and that’s the Guardian difference.
Download our Cybersecurity Assessment for Law Firms.