Denver law firms say they are on the alert after reports that computer hackers have targeted client information of some national law offices.
The FBI in November said it had seen “noticeable increases” in efforts to hack into law firms’ computer systems — a trend that cyber experts say began as far back as two years ago but has grown dramatically.
Law firms are targeted because they likely store valuable client information such as Social Security numbers or bank account information, said Chris Roberts, managing director of Denver-based Cyopsis, a computer security company.
He said when employees who work from home use company laptops to sign onto their personal Internet accounts, hackers can backtrack into the company server if the network is not secure. Smart phones, such as BlackBerrys and iPhones, allow the same potential access avenue.
Denver law firm Holme Roberts & Owen has not had a security breach, but systems are constantly being updated and checked, and employees are continuously trained to avoid breaches, said Dan Lissek, the firm’s director of information technologies.
“The human element is always the biggest risk. People make mistakes,” Lissek said.
Hackers will send legitimate-looking e-mails to people with common online threads, such as the same online banker, store or workplace. They ask recipients to follow a link and provide personal information, Roberts said.
The best protection against server invasion is data encryption, said attorney Scott Martinez, who specializes in data security law at Holland & Hart in Denver.
Information is scrambled before being sent to a recipient, and that person must have the key to put the pieces back together.
Sending someone encrypted data without the key is like handing someone a 10,000- piece puzzle without the photo, Martinez said.
Bradford Bleier, unit chief with the FBI’s cyber division, told attendees at an American Bar Association conference in November that companies need to start re-evaluating what they put on their networks because hackers are getting more sophisticated.
Economic information about clients, particularly ones involved in sensitive business deals, also could be compromised, the crowd was told.
The Associated Press contributed to this report.
Jordan Steffen:303-954-1638 or jsteffen@denverpost.com
