Cyberattacks are increasing at a startling rate in the business community, not only by hackers for personal intellectual skullduggery, but cyberattacks aimed at obtaining sensitive information that is the heart of the operation of industrial corporations, banks, brokerage houses, and worldwide sales organizations. Law firms have become major targets of these illegal attacks, which are aimed at discovering and pilfering the entire subject matter of a commercial operation. One example is the corporate snooper who will use cyberespionage in an M&A transaction to understand what the competitors are bidding. As discussed below, quite often, such cyberespionage is never discovered or not until a long time after the transaction is completed.

Why law firms? Law firms are frequently consulted by clients on business mergers, marketing and competition strategy, patents, and sensitive problems with government regulators, and possible civil and criminal suits with federal and state regulators. They routinely possess a large quantity of documents and materials that a client’s unscrupulous competitor would be eager to see and use. And, they are far easier targets of a cyberattack than their business clients.