By now, every managing partner has heard the warning: law firms and their clients' sensitive information are a treasure trove for hackers.

But today's ransomware attack on DLA Piper sounded a different type of alarm for big law firms. The world's biggest firms are just as prone to ransomware attacks as any other company, and the potential ramifications of a network-crippling malware infection are wide-ranging for a service industry that holds the legal fate of corporations in its palm.

Consider litigators unable to access key documents on a court deadline. Transactional lawyers unable to communicate with clients attempting to close multibillion-pound deals.

"The domino effect of doing something like this to a law firm permeates so many different parts of business," said John Sweeney, president of LogicForce, a startup cybersecurity consulting firm. "Suffice it to say, it's going to touch hundreds if not thousands of different points of business. It's a nightmare, there's no doubt about it."

Phone lines at DLA Piper were down on Tuesday (27 June) across Europe and the US. According to a photo tweeted by Politico reporter Eric Geller (above right), DLA Piper employees in Washington DC were instructed not to turn on their computers and to unplug their laptops from the network.

"All network services are down," a whiteboard read in what appeared to be the firm's lobby.

A DLA Piper spokesman confirmed the firm had been the target of what it believed may be a malware attack that impacted a large number of organisations across the globe, including pharmaceutical giant Merck.

"The firm, like many other reported companies, has experienced issues with some of its systems due to suspected malware," said DLA Piper's statement. "We are taking steps to remedy the issue as quickly as possible."

Much like the WannaCry ransomware attack that spread throughout the globe in mid-May, the new round of attacks reportedly requests a payment of $300 in Bitcoin, in order to obtain a 'decryption code' that may unlock an organisation's files.

While security experts scramble to determine the extent of the encryption or any other damage levied by the newest batch of ransomware, at least 27 organisations appeared to have paid the ransom as of early Tuesday, according to a blockchain transaction record.

A study released on Tuesday by LogicForce shows the ubiquitous risk of hacking for law firms. The company surveyed more than 200 firms and found that all had been subjected to hacking attempts, while 40% of those attempts were successful. What's more, the 40% of firms who had been hacked were unaware of it, according to the report. Sweeney said DLA Piper was not included in his company's survey.

In response to being hit by ransomware, Sweeney said firms should perform a detailed investigation of their systems involving forensics professionals to determine how the ransomware attack entered their network. Part of that investigation should include attempting to mitigate any more damage that could occur.

The best-case scenario in some ransomware attacks would be having an incident response plan in place that involves an off-site server backup that could potentially restore the system's computers, said Robert Rosenzweig, another cybersecurity expert and national leader of the cyber practice at insurance brokerage Risk Strategies Co.

LogicForce's Sweeney commended DLA Piper for issuing a public statement about the ransomware attack, something few law firms have done or been forced to do.

"Can they circumvent whatever's been done to their systems and get back online? I don't know. That would be the best option," Sweeney said.

One fallout from the attack may be a renewed interest from law firms in purchasing cybersecurity insurance. The LogicForce survey states that 23% of firms polled had cybersecurity insurance policies. Those policies will pay for direct expenses associated with a hack, such as the cost of the ransom, hiring forensic investigators, and bringing on a legal team to advise the firm of its potential risk.

For damage done to clients as a result of a firm losing its ability to service them or their confidential data getting into the wrong hands, it is possible a firm would have coverage under a more traditional legal malpractice insurance policy, Rosenzweig said. He said a "business interruption" component in a cybersecurity policy may also provide some relief, but added that a loss of a law firm's ability to service its clients due to a cyber breach could have long-tailed repercussions.

"The risk and the potential for a complex and expensive loss is a lot more significant," Rosenzweig said.

The increased risk of ransomware attacks may also cause more law firm clients to perform cybersecurity audits as part of their hiring process, said LogicForce's Sweeney. His company's report states that 34% of firms reported undergoing a cyber audit from a client, and LogicForce expects that number to grow to 65% by 2018.

"More and more clients are demanding these audits," Sweeney said. "And quite frankly we're seeing some law firms losing business because they can't comply with the audit."

Picture credit: Eric Geller/Politico