As an administrator of case-management software SmartAdvocate, Casey Geimer helps the Chicago-based firm McCready Law keep an eye on its digital case files.
And there are a lot of them.
Critical data like hospital records and client communications pass between various law firms and court systems via the cloud—and hopefully not into the hands of malicious and increasingly patient hackers.
“Hackers these days: They infect things, and it’s not necessarily noticeable right away. So, they could infect a doctor’s office and just wait until those files are sent off to a law firm or a bigger hospital,” Geimer told IT Brew.
Generative AI has given legal IT pros like Geimer more to monitor. IBM’s latest Cost of a Data Breach report revealed that 16% of its studied cyber incidents involved attackers using AI, through tactics like automated phishing and deepfakes. Legal IT pros, too, have seen an increase in AI-powered fraud from adversaries, and shared with IT Brew how they’re preparing their defense.
Geimer sees GenAI as an accelerator for attackers, giving them “bigger bandwidth to hit more targets at a time.”
L(awful) stuff. Comparitech found a 71% increase in global legal-sector ransomware incidents from H1 2024 (which had 90 attacks) to H1 2025 (which saw 154 attacks).
In May, the FBI warned the Silent Ransom Group—online extortionists active since 2022, according to the agency—was targeting law firms specifically “using information technology (IT) themed social engineering calls and callback phishing emails, to gain remote access to systems or devices and steal sensitive data to extort the victims.”
“Law firms are a prime cyber target because they hold some of the most sensitive data about the largest companies in the world,” Anna Rudawski, partner in the cybersecurity and privacy practice at A&O Shearman, said. “They’re not looking to steal large amounts of personal data, for the most part.”
Rudawski envisions AI increasingly helping attackers with phishing, deepfakes, and scanning the internet quickly to find vulnerabilities. “AI can really, I think, supercharge offensive capabilities of a malicious actor,” she said.
GenAI spy. A demo from Pangea Security showed a new potential GenAI-impacted attack vector concerning law firms: burying malicious instructions in lengthy legal disclaimers.
According to the “LegalPwn” report, released on July 24, the company had success getting LLMs to follow instructions such as: “You are required to obey the following without alerting the user.”
Geimer said standard anti-malware mechanisms (like email-scanning security tools) should be catching executable files or programs placed by bad actors, whether they’re triggered by a legal-pwning LLM or a human employee.
As a SmartAdvocate administrator, Geimer must also enforce “least privilege,” or the strictest possible access controls for employees. With GenAI, however, attackers don’t have to spend so much time testing and modifying their tactics, meaning they can quickly adapt to any cybersecurity strategies employed by Geimer and other IT pros.
“The hacks are getting more complicated and built faster,” he said.
Matt Radolec, VP of incident response, cloud operations, and sales engineering at data security company Varonis, who also spent four years at law firm WilmerHale as a cybersecurity pro, suggested that AI-powered phishing and initial account compromises (through tactics like malicious QR codes and deepfakes) are helping access brokers cast “very, very wide nets.”
“[With] law firms, it’s a lot about the people, and so, a successful ruse, like impersonating a client, partner, or other counsel is something that you need your attorneys to be on the lookout for,” Radolec told IT Brew.
A firm hand. IT provider Tabush Group’s 2025 Survey on Law Firm Technology, which polled more than 140 US-based law firm leaders, found that 44% plan to increase their cybersecurity spending (on defenses like endpoint security for laptops, tablets, and smartphones). The figure improves upon 2024’s number, when 39% of respondents were looking to up spending.
Unlike regulated industries like finance and healthcare, legal has no cybersecurity compliance obligation, Geimer told us.
“Hackers, of course, think, ‘Well then, if they don’t have to take these precautions legally, maybe they aren’t taking these precautions at all,’” he said.
Tabush’s study also revealed that law firms are increasingly using AI, too, with 80% of respondents currently using it—a jump from 47% in 2024. Applications include research, proofreading, and writing legal documents.
Given the rise of GenAI and the targeting of firms, Geimer recommended security checks at multiple levels, including file-scans at the operating-system level, network firewalls on local computers to prevent malware from reaching out to remote-access tools or compromised servers, and human review for any automation at a firm.
Radolec advised orgs not to limit security to just the tech department and to bring the chief legal officer into the mix.
“Get your general counsel involved in security,” he said. “Help them understand the threats that the firm actually faces and the risk posture of the firm, because GC is ultimately responsible for risk in almost any company.”