
Lewis Brisbois Cyberattack Highlights a Growing Threat to Big Law Firms
Cybercriminals are increasingly abandoning phishing emails in favour of direct phone-based social engineering.
A recent cyberattack targeting Lewis Brisbois Bisgaard & Smith LLP highlights a growing shift in how hackers are infiltrating major law firms. Rather than relying on phishing emails, cybercriminals are increasingly using phone calls to manipulate employees into granting access to sensitive systems, Bloomberg Law reported.
Earlier this month, hackers reportedly attempted to access Lewis Brisbois employees’ accounts by impersonating the firm’s IT personnel during phone calls. The incident reflects a broader trend seen across large firms, where threat actors are moving away from email-based attacks and instead applying pressure on employees over the phone to gain entry.
Cybersecurity experts say such tactics exploit the weakest link in any organisation — human behaviour.
Several support staff at Lewis Brisbois work remotely or on hybrid schedules, often accessing the firm’s internal network from personal devices. While this arrangement has become common in the post-pandemic legal sector, experts warn it creates additional vulnerabilities, particularly when attackers pose as trusted IT staff seeking remote access to devices already connected to the firm’s virtual private network (VPN).
The Federal Bureau of Investigation warned last month that cyber groups such as Silent Ransom are increasingly focusing on law firms, aiming to bypass two-factor authentication and other security barriers.
Legal and cybersecurity professionals say large law firms remain attractive targets because they hold vast volumes of highly sensitive client data, making them lucrative “one-stop shops” for cybercriminals.
It remains unclear who was behind the attempted breach at Lewis Brisbois or whether the attackers successfully infiltrated the firm’s systems. Representatives of the firm, which employs around 1,600 lawyers across the US, have not publicly commented.
High-value Data, High-stakes Attacks
The Silent Ransom Group — also known as Luna Moth — is known for sophisticated social engineering campaigns that use urgency and psychological pressure to trick employees into bypassing security safeguards. Once inside, attackers quickly extract sensitive data and attempt to extort organisations by threatening to publish or sell the information.
Experts say some ransomware groups even examine law firms’ cyber insurance policies and tailor ransom demands accordingly, sometimes seeking amounts close to policy limits.
The group has been linked to recent cyber incidents involving Orrick Herrington & Sutcliffe LLP and Fox Rothschild LLP, according to lawsuits filed against those firms.
In the Fox Rothschild case, a lawyer reportedly fell victim to a “sophisticated” social engineering operation. The firm later said the breach was limited to a single device and that there was no wider compromise of its systems.
Personal Devices Now Blocked
Following the recent incident, Lewis Brisbois disabled access to its internal network from employees’ personal devices, according to a 10 June internal email reviewed by Bloomberg Law.
In an earlier email dated 5 June, the firm’s Director of Information, Curtis Hendzell, warned employees to be cautious of urgent calls from individuals posing as internal IT staff while using spoofed caller IDs.
Cybersecurity specialists say restricting VPN access to company-managed devices adds an extra layer of protection and makes it easier to identify suspicious IP addresses during incident response.
Experts note that while many law firms still allow employees to use personal mobile phones or laptops for work, larger firms are increasingly tightening controls over unofficial devices to reduce exposure to evolving cyber threats.
The Lewis Brisbois incident serves as another warning that cybercriminals are adapting their tactics — and that for law firms handling sensitive legal and corporate information, traditional security measures may no longer be enough.