As global law firms face the growing threat of ransomware attacks and other cybersecurity vulnerabilities, the risk is even higher for firms based in Asia Pacific due to slower responses, underprepared clients, and currently lax regulatory regimes.
From 2018 to 2019, the average ransom demand has skyrocketed by 1,400% from $6,000 to $84,000. Hacker-for-hire groups are specifically targeting law firms as data-rich repositories for the purposes of extortion and espionage. In addition to their own proprietary data, law firms are custodians of their clients’ privileged knowledge, including financial data, business transaction details, and personally identifiable information.
Blackpanda COO Lester Lim offers his opinion and insight on the growing cyber threats faced by Asia-Pacific based law firms. This article was originally published in Law.com International and appeared on their website.
In the spotlight this week:
Law firms in Asia at high risk of cyberattacks
Singapore Police Force Anti-Scam Center recovers laundered funds in e-mail scams
New bill discussed in Singapore parliament to strengthen data protection standards and enforcement
Four of the world's largest shipping companies have now been hit by cyber attacks
The Singapore Police Force's Anti-Scam Centre (ASC) in collaboration with UOB has recovered the bulk of US$5 million (S$6.79 million) stolen in an alleged business e-mail scam. A foreign bank contacted UOB to urgently recall a sum of money that was illegally transferred into a Singapore-based UOB account belonging to a local firm. Preliminary police investigations showed that the monies were moved following an alleged business e-mail scam.
Blackpanda has seen an uptake in the number of business email compromise cases since the beginning of the COVID-19 pandemic. It is important to stay vigilant and practice good cyber hygiene. Read more about business email compromise here.
A company found guilty of a data breach can be fined up to 10 percent of its annual turnover in Singapore, under a change in the law aimed at strengthening data protection standards. The stiffer fine, however, will be imposed only on companies with an annual turnover that exceeds $10 million. Currently, the maximum a company can be fined for a data breach is $1 million. Other prospective changes include making it mandatory for organizations to notify the Personal Data Protection Commission of data breaches that are likely to harm the affected individuals. Also, it is mandatory that they notify those affected so that the individuals can take steps to protect themselves where possible.
All of the four biggest maritime shipping companies in the world have now been hit by cyber-attacks over the past four years. This report comes as French shipping giant CMA CGM reported a ransomware attack that took down its worldwide shipping container booking system after its Chinese branches in Shanghai, Shenzhen, and Guangzhou were hit by the Ragnar Locker ransomware.
Subscribe Here to receive Blackpanda thought leadership, webinar invitations, and cyber intelligence direct to your inbox.