The most widely read magazine for Canadian lawyers
Issue link: https://digital.canadianlawyermag.com/i/50841
handled," he says. He also says that all lawyers and their staff must ensure they don't open attachments from unknown senders as they can contain spyware that could let third parties obtain con- fidential client information. In some instances, hackers have "spoofed" the e-mail address of a lawyer within the firm to send an attachment that con- tains spyware or malware, which poses a significant problem as it could go unde- tected for months. "Because the hackers are so sophisticated, it can pose a big problem for law firms because it is hard to know what attachment to open if it is from a lawyer," he says. "There are so many ways for professional hackers to hide their identity and they are basically untouchable." He adds that U.S President Barack Obama has proposed that the penal- ties under the Computer Fraud and Abuse Act be increased significantly in response to the recent increase in cyber attacks on both government organiza- LAWPRO® tions and the private sector. If, in fact, a law firm discovers it has been hacked, it should first and foremost notify its clients. But most law firms tend to try to handle hacking incidents on their own through their in-house technical staff who may not be up to speed on cutting-edge techniques hackers are using, says Marc Zwillinger, founding partner of ZwillGen PLLC in Washington D.C., a firm that spe- cializes in Internet-related laws and litigation. "Law firms store a lot of confidential information so law firms can be more of a target especially when they enter markets in other countries," he says. "At the same time, lawyers are always looking for more business and may receive an e-mail from a prospec- tive client with a link that purports to be to the company's web site, but it contains spyware and compromises the law firm's information." He says many law firms in the U.S. realize they need to outsource their tech- APPOINTMENT SIMON BERNSTEIN Lawyers' Professional Indemnity Company (LAWPRO) announces the appointment of Simon Bernstein to the position of Vice-President, Specialty Claims Department. In this capacity, Mr. Bernstein will be responsible for a team of claims professionals handling, among others, TitlePLUS and Excess Insurance claims and claims involving coverage issues. Mr. Bernstein brings to his new role extensive experience in claims management, loss control, risk management and underwriting in the insurance industry. A graduate of Osgoode Hall Law School, Mr. Bernstein practised in private practice before moving into the financial services sector where he held positions of increasing responsibility in claims management and risk assessment. As Assistant Vice-President, Financial and Professional Services Claims (Canada) at St. Paul Travelers Insurance, Mr. Bernstein directed a staff responsible for managing a diverse portfolio of claims and setting litigation strategies. He is currently Assistant Vice-President, Underwriting at LAWPRO. LAWPRO provides malpractice insurance and risk and practice management programs to more than 22,800 Ontario lawyers, and title insurance in all Canadian jurisdictions. LAWPRO's TitlePLUS® product on the market today. title insurance program is the only all-Canadian title insurance nical security to a company that deals specifically with cyber-attack protec- tion. "It could take months or years to resolve a hacking incident, especially if people sue," he says. "Any company or law firm could be sued if they did an inadequate job of implementing pro- grams and security to protect informa- tion, which can be assessed by a private computer technology company." He says his firm often gets hired by companies that have been hacked to help with their response and notifica- tion to clients. "Once you figure out what's been compromised, you could have contracts, people's personal infor- mation, and other information that you have to notify customers about." He has had a number of corporate clients that were compromised and the result had widespread ramifications and affected a large number of customers. It led to an inquiry by state and federal govern- ments to ascertain the magnitude of the information was obtained by the hack- ers. "These can be very time-consum- ing and protracted as well," he says. He says the number of hacking inci- dents in the last 18 months has grown and they are getting the kind of pub- licity that has resulted in law firms taking much more proactive measures and advising their clients to do so as well. "Law firms are taking computer security more seriously and I'm pleased with that because the hacking incidents that have happened recently have been a huge wake-up call for them," he says. Most hackers that target law firms want information that will give them an advantage in their competitive market. So any law firm dealing with a client trying to register intellectual property or conduct an acquisition or merger should ensure they take all precautions to protect their client from potential breaches, says Mark Hayes, founding partner of Hayes eLaw LLP based in Toronto. "Hackers are often looking for information that would be of com- mercial value to them and they usually target the law firm's server to be able to search for what they want," he says. To target the server through spy- ware or malware, hackers often have LawPro_CL_Sept11.indd 1 36 SEPTEMBER 2011 www. CANADIAN Lawyermag.com 11-08-15 5:52 PM