The Pulse Secure Blog

Exploring and Discussing Secure Access Trends and Technologies

Two Major U.S. Law Firms Fall Victim to DDoS Attacks

According to a report issued by the Wall Street Journal, random hacker attacks may have seriously compromised valuable information at several major U.S. law firms. Sources told the Journal that Cravath, Swaine & Moore LLP and Weil, Gotshal & Manges LLP were bombarded last summer by Distributed-Denial-of-Service (DDoS) breaches. The firms represent Wall Street banks and Fortune 500 firms. The FBI and Manhattan U.S. attorney general are leading an investigation into the incidents.

What Was Compromised?Sensitive data may have been obtained to help hackers engage in insider trading. Sources cited by the Journal explained because this was a DDoS attack, it will be difficult for investigators to determine if any information was actually used for illegal purposes. Cravath law firm officials have played down the incident, calling it a “limited breach” of its computer network. The firms had warnings earlier in the year. The security firm Flashpoint reportedly issued alerts to 50 prestigious law firms in 2015 about a potential hacking attempt. Sources say these attacks have “picked up steam.”

What is the Cost of The Data Breach?Actual costs or damages caused by the data breach have not been confirmed by the law firms or law enforcement officials. Damages are often difficult to determine until much later when sensitive information is used to commit a crime. Hackers often target law firms to obtain information about patents, litigation, trade secrets or corporate mergers.

Next Generation Secure Access Solutions Reduce Risks of Data BreachesDDoS threats are pervasive, difficult to detect and on the rise – especially among U.S. law firms. DDoS attacks bombard a target with massive amounts of traffic to compromise computer systems. Cybersecurity firm Mandiant reports that 80 of the 100 largest law firms in the U.S. have been victims of cyber-attacks since 2011. A 2015 American Bar Association Legal Technology Survey Report reports 15 percent of all law firms experienced security breaches.

Hacking methods are more sophisticated and frequent. Law firms and other businesses must ensure only authorized users connected from properly secured and authorized devices gain access to sensitive data. Antiquated perimeter and password-based security models no longer work. Due diligence must be taken to evolve security strategies toward next-generation, secure access solutions.

How Secure is Your Network?Businesses must have intuitive and granular network access control (NAC) and remote access security to circumvent security breaches. Without this layer of protection, endpoints are not protected and sensitive information is at risk. Pulse Secure products deliver secure and optimized access to data center applications, network, and cloud services while ensuring consistent native-user experiences across any device. Access, authentication, and security are easily controlled all in one place. Threats are quarantined and problems averted.

Pulse Policy Secure offers complete transparency. It makes controlling who and what connects to your network simple. This contemporary NAC solution is built for the next generation of networks offering:

  • Automatic Device Onboarding for Macs, PCs, smartphones and tablets.
  • Regulatory Compliance that complies with the most stringent industry and government regulations.
  • Device compliance to ensure that only authorized users with authorized devices can access corporate resources.
  • Contextual Access Control across wired and wireless connections, personal and corporate devices.
  • Guest User Management to restrict casual visitor access to your network.

Pulse Connect Secure offers the best mobile VPN to enable secure access from any device to enterprise apps and services in the data center or cloud. All connecting devices comply with your requirements with:

  • Strong authentication
  • Clientless Access
  • Role based access policy
  • Device compliance
  • Granular access for both enterprise and SaaS applications 

Traditional security solutions only validate the user authentication, Pulse Secure is built to secure next generation of users – Pulse Connect Secure ensures that only valid user with authorized devices can access enterprise applications. 

Enterprises from every vertical and all sizes use Pulse Secure’s  VPN, NAC, and mobile security products to enable end-user mobility securely and seamlessly in their organizations.

Networks must be fully protected today. Is your law firm or business fully safeguarded against a massive data breach?