How a Small Law Firm was Used for an Extensive Cyberattack

TO GET TO THE POINT (click here)


I recently had the pleasure of reading a guest blog post on Peter Vogel‘s Internet, Information Technology & e-Discovery Blog that was authored by John Ansbach. This alone is important because I have a world of respect for Peter and John.

If you did not already know it, Peter is, in my view, the Godfather of cyber law and the person who has been a pioneer in this space since well before words “cyber” and “law” ever clicked together in most of our minds.

John is no newcomer in this space either and has been a vocal leader in the cybersecurity law space for years through his role as General Counsel of General Datatech, L.P., his blogging on The Ansbach Technology Blog, his speaking, and through his participation in various American Bar Association groups, where I first began to follow his work. (In fact, on May 4, 2016, John and I both will be on a panel discussing Corporate Governance meets Cyber Risk for the University of Texas at Dallas’s Institute for Excellence in Corporate Governance.)



Yesterday I wrote a post about how social engineering is one of, if not the, biggest threat that most businesses face. In that post, I talked about the business email compromise and referenced the Office of Inadequate Security‘s list of organizations that have fallen for the W-2 iteration of the business email compromise.

Attackers potentially gained access to customers' personal information (shutterstock)Last week I posted Law Firm Cybersecurity: I hate to Say I Told You So But …  and blabbed on about why law firms are a prime target for cybersecurity attacks (though admittedly, I did not envision this current use discussed below).

So, you may be wondering, what does all of this have to do with John Ansbach’s post on Peter’s blog?

In Small Texas Law Firm Used in International Cyberattack, John describes exactly how attackers compromised the law firm email system of rural Texas solo practitioner James Shelton and used its email system to carry out an international phishing campaign. John knows how it worked because his company received one of the purported emails! The way the bad guys carried out this attack is fascinating and is something that could easily be done to many law firms and businesses.

Go read John’s post and then come back and tell me that you are absolutely sure that your firm or your business are not vulnerable!


Shawn Tuma (@shawnetuma) is a business lawyer with an internationally recognized reputation in cybersecurity, computer fraud and data privacy law. He is a Cybersecurity & Data Protection Partner at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.

5 thoughts on “How a Small Law Firm was Used for an Extensive Cyberattack

  1. It has been seen that the number of reported attacks up are increasing rapidly nowadays. Eyeing on security tools like spam filters, firewall software, anti-spyware and pop-up blockers will definitely stop these type of attacks. Large law firms may take help from cyber security experts to handle these type of attacks.

    1. Thank you for your comment! I agree that those tools will help — significantly — in keeping many of the attacks in check, however, hackers have learned that law firms — large and small alike — can be used as attack vectors for our clients (as Fazio was used for Target) and that puts all in the crosshairs.

This site uses Akismet to reduce spam. Learn how your comment data is processed.