|
|
|
|
 |
| Is there a real computer threat? |
|
|
|
| |
The answer to this question is an overwhelming "yes". Many of our clients who deferred the expense of updating the virus programs or purchasing a firewall have regretted this decision. In recent months, "hackers" have found many ways to get around the safeguards provided with Microsoft Windows NT and the Proxy and Exchange Servers. Many of these holes in the Microsoft software are published in certain Internet web sites faster than Microsoft can find ways to plug them.
Recently, we have seen a new set of viruses that are embedded in e-mail messages that can infect your system even if you don't open the message attachment. We have also found viruses that are transmitted directly to your system over the Internet without the use of e-mail. Besides the well publicized destructive potential of viruses, they can also attach Trojan Horses that both provide direct access to your system and propagate to other systems. These unauthorized persons take advantage of holes in the Microsoft Windows desktop and server software. Microsoft continues to publish fixes that plug many of these holes, but hackers find new ones. A hacker with unauthorized access to your system can copy sensitive information stored on your system, modify data on your system, or perform a variety of other mischief.
|
|
|
| What is the threat? |
|
|
|
| |
More than 80% of all intrusions are from inside the firm and not from the Internet. Cleaning people and disgruntled employees are the major culprits. While unauthorized access to your network by a hacker may not provide the hacker with information that could not be obtained through Discovery, there remains the risk that a hacker may cause files to be corrupted or lost or a failure to the network that may take many hours to repair. In addition, a hacker may steal information about your clients, cases, credit cards and other sensitive information.
A hacker may also use your servers and computers to overwhelm other sites. This exposes your firm to a liability since the courts have held companies liable when companies have not taken any steps to prevent unauthorized access to their systems and their servers and computers are used to overwhelm another site. It is estimated that there are tens of thousands of servers in a "zombie configuration." If you do not believe that this risk is real, you should read the article by Steve Gibson of Gibson Research Corporation at http://grc.com/dos/grcdos.htm, describing how his server was knocked off the web by a hacker using thousands of zombie computers. The owners of these computers as well as their Internet Service Providers were completely unaware that their computers were being used to overwhelm sites on the Internet.
|
|
|
| Who is doing this? |
|
|
|
| |
Most hackers are teenagers who download penetration software from the web and automatically scan sites for vulnerabilities. They are nondiscriminatory, random, and destructive. The hacker described in the previous paragraph was 13 years old. In another incident authorities in Denmark arrested a 17-year-old suspected of being connected with the attempt to disrupt a large part of the Internet.
Hackers use programs which continuously scan the Internet in a random fashion to discover computers that are open to intrusion. Hackers use this information not only to hack into the systems that are available, but also publish this information on available "hacker" web sites so that other hackers can also to hack into these systems.
|
|
|
| Privacy Issues |
|
|
|
| |
Most people are unaware that the last set of ten or more changes to Word and WordPerfect attachments can be viewed by the recipient using the word processor "Undo" function. This includes name and other changes made to a document used previously for another client.
This is easily fixed in WordPerfect by turning off the "Save Undo/Redo" (Edit - Undo/Redo History - Options - uncheck the Save Undo/Redo items with document). The history of all changes in the file copy of the document will be discarded when the document is saved.
It is more difficult to discard the history of changes to Word documents. This basically entails saving the document in an "RTF" format. Then, saving it back to a Word format.
The agreement for services provided by AOL and other Internet Service Providers often provides the provider with the right to view e-mail. Any client who uses AOL has waived his right to privacy in any e-mail or in the attachments that you may send to them. AOL will not inform you if an opposing party can subpoena AOL for access to this e-mail. You probably should consider the use of an e-mail encryption program to assure privacy of documents sent over the e-mail.
|
|
|
| What can law firms, particularly small firms, do to protect themselves? |
|
|
|
| |
Design One Corporation recommends the following steps:
- Review all security procedures, user-id's and passwords and evaluate network penetration vulnerabilities.
- Install a good anti-virus program which is updated nightly over the Internet.
- Install a sound Firewall and have it set up by an expert. Improperly installed Firewalls do not close off all of the paths of vulnerability.
- Use of an e-mail encryption program when it is necessary to assure privacy of documents sent over the e-mail.
- Additional protection, such as 24x7 monitoring and Intrusion detection software can be useful when you have very valuable and sensitive information on your system.
|
|
|
| Conclusion |
|
|
| |
I am often asked whether I think a firm should continue to use the Internet. Clearly, e-mail and legal research provide very valuable tools for the firm. It makes sense to continue to use them when steps are taken to protect your system from viruses and intrusion. This can be a disadvantage to small firms because the costs of protection are not scaled according to the size of the firm.
My prognosis is that things are getting worse but awareness and protection are way up.
|
|
|
|
