Malware Shuts Down Philadelphia Courts Computer System
Cybersecurity problems are distressingly apparent in the City of Brotherly Love these days. The city court's website has been shut down by a virus since May 21.
July 01, 2019 at 12:50 PM
7 minute read
Cybersecurity problems are distressingly apparent in the City of Brotherly Love these days. The city court's website has been shut down by a virus since May 21 (the website went back online Monday, July 1). A decade after Philadelphia courts instituted an e-filing system, law firms have reverted to filing hard copies of documents the old-fashioned way. For young attorneys, the idea of filing and serving paper documents is a brave new world. For their more experienced colleagues, the feeling is more akin to “Back to the Future.”
Philadelphia officials continue to avoid revealing any detailed information regarding the security breach. The official story is a virus was found on only certain computer programs, and were shut down as a precaution. Most observers expected the “precaution” of the shutdown to last a day or two at the most. That was over four weeks ago.
This is not the first time a major metropolitan area had their services disrupted by a cyberattack. Baltimore dealt with an apparently similar issue when a ransomware attack on May 7 exposed the vulnerability of their system. Experts reported part of that malware was created by the NSA before being hacked itself by foreign actors in 2017. While Philadelphia's City Hall remains silent, many in the Center City legal community hypothesize the same Baltimore malware may have struck again. That attack reportedly cost Baltimore more than $18 million and officials were heavily criticized for their slow response. Greeneville, North Carolina was also struck by what some are now calling the “RobbinHood” malware. Time will tell the final cost in Philadelphia, but the disruption to legal proceedings is already significant.
The broader digital transformation of the legal profession has been nothing short of remarkable. Today law students only use the library as a quiet place to study. Legal research is performed online and firms are transitioning to digital case files. The predictions of artificial intelligence performing legal work, and employment from home replacing physical offices, once seemed far-fetched. Now they're increasingly considered foregone conclusions.
The recent cyberattacks in Philadelphia and Baltimore may give the tech-prognosticators pause. Technology is not an unqualified panacea and rapid adoption involves inherent risks and vulnerabilities. The shutdown of judicial computer systems should serve as a reminder that the legal world is not immune from cybersecurity threats. Now is an appropriate time to stop and take stock of the potential trade-offs of the digital revolution, particularly for young, digitally native attorneys who have never known an alternative.
Futurist Roy Amara once famously observed, “We tend to overestimate the effect of a technology in the short run and underestimate the effect in the long run.” In the 1990s leaders including President Bill Clinton and then-Gov. George W. Bush predicted the internet would bring down authoritarian regimes across the world and hasten the spread of democracy. Today authoritarian regimes have learned to use technology for their own benefit. After the backlash against Facebook following the 2016 election, it's becoming increasingly common to see social media in particular as an obstacle, rather than a mechanism for legal or political transformation.
These social media controversies are a great example of “Amara's Law” in action. Regardless of the impact of technology on short-term news events, the long-term consequences seem to be underestimated. The average American now spends more than two hours per day on their smartphone. Confidential information such as financial transactions, written communication, and yes, legal filings are all performed online. Ten years into this transformation, it's unthinkable to return to the old ways. This is exactly why the current situation in Philadelphia is remarkable and interesting. In the race to maximize speed and convenience, professional communities including legal and financial services have made implicit trade-offs against long-term security and privacy.
These trade-offs are particularly significant for attorneys and law firms. Due to the quantity and quality of sensitive client information held by firms, attorneys are a prime target for hackers. Ransomware attacks are by no means exclusive to courts. In 2017 several large law firms had their own problems with ransomware attacks and unfortunately this is far from the only threat.
Hacked email accounts and phishing attacks are another growing area of vulnerability. Many attorneys now use platforms like DocuSign or Dropbox in their daily practice. These logins are predisposed to sophisticated cyberattacks with potentially disastrous consequences. Secure file sharing is an absolute necessity for every firm. Information security policies should be constantly reviewed and updated to prevent any potential leak of confidential information.
Not surprisingly, some firms are now facing legal malpractice claims due to inadequate cybersecurity protocols. Although it's still too early to tell, it would be surprising if this trend did not continue in the future.
The ABA 2017 Legal Technology Survey reported 22% of law firms experienced a cyberattack or data breach. Data seems to indicate the likelihood of being attacked increases with the size of the law firm. But solo practitioners and small firms cannot afford to rest easy. Because of their smaller size, these offices may also lack the resources and capabilities to adequately address the threat of an attack.
The recent attacks have been dangerous, but they can also be learning experiences for the future. The Gartner “Hype Cycle” theory hypothesizes five stages in the adoption and growth of new technology. First, there is a trigger event that creates initial publicity. This is followed by the peak of inflated expectations where success stories from early adopters produce predictions of imminent and unrealistic benefits. This is followed by the trough of disillusionment where previously underappreciated problems become better understood. Next, the slope of enlightenment produces second and third generation products with improvements based on the lessons of the past. Finally, technology reaches a plateau of productivity with widespread, mainstream adoption.
The Hype Cycle model has been fairly criticized and is probably more instructive than it is scientific. Still, it reminds us that technology must fail and expectations must reach maturity before new platforms can improve. In the legal community, cybersecurity is an ongoing commitment and a cost of doing business in the 21st century. There is no endpoint, only a constant, unfinished struggle to stay ahead of the most advanced hackers in the world. It's not surprising cybersecurity insurance is becoming increasingly popular with firms, especially since data breaches are not covered by professional liability policies.
In Philadelphia, young lawyers are learning to practice old-school with wet signatures and hard copies. While the future remains uncertain, cyberattacks like Philadelphia and Baltimore should help the legal community become more careful, thoughtful and intelligent in how we use technology to represent our clients. While the convenience of new technology is undeniable, so are the trade-offs.
Patrick McKnight is a law clerk at Wilson Elser Moskowitz Edelman & Dicker. He is a JD/MBA candidate at Rutgers University and will graduate in 2020 with a certificate in corporate and business law. He focuses his practice on defense litigation, corporate law, design and professional liability, construction defect liability, personal injury defense and cannabis law.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllCFPB Advisory Opinion Targets Illegal Medical Debt Collection Tactics
8 minute readMatt's Corner: Pa.R.D.E. 217—Obligations of a Formerly Admitted Attorney
2 minute readTrending Stories
- 1Mental Health Issues Don’t Get a Holiday
- 2'It's Got to Be a Wake-Up Call:' Atlanta Attorney Hopes $16M Verdict Spurs Training Changes at Hotels
- 3FTC Bans 'Junk Fees' in Live-Event Tickets and Short-Term Lodging
- 4California Legal Awards Moving to Mid-Summer Date in 2025, Adds New Categories
- 5Law Student Sues NY Attorney Grievance Officials, Seeking Materials Over Sexual Assault Claims
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250