Trustwave Rapid Response: CrowdStrike Falcon Outage Update. Learn More

Trustwave Rapid Response: CrowdStrike Falcon Outage Update. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Trustwave SpiderLabs: The Unique Factors that Make Professional Services a Target

Trustwave SpiderLabs has put together nine vertical threat reports over the past 12 months, but in its most recent effort, the 2024 Professional Services Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies report, our team of elite researchers delve into one of the broadest and most complicated vertical sectors yet covered.

Professional services differ somewhat from verticals such as healthcare, manufacturing, and retail because they encompass many different business types, ranging from accounting to legal to various consultancies. Each can be attacked in a specific way, which means no silver bullet works for all security measures that can be put in place.

Additional unique factors include:

  • High Value of Data: Law firms and other professional services firms deal with a wealth of sensitive information - intellectual property, legal documents, financial records, and personal client data. This data is highly attractive to cybercriminals seeking financial gain, a competitive edge, or for identity theft purposes.
  • Complex Vendor Ecosystem: These firms often rely on a network of third-party vendors and suppliers for various services. Each vendor introduces a potential security risk, as a weakness in a vendor's system can be exploited to gain access to the professional services firm's network.
  • Regulatory Burden: The professional services industry, especially law firms, faces strict regulations regarding data protection, privacy, and security. Compliance with these regulations can be complex, requiring significant resources and ongoing vigilance.
  • Reputation is Paramount: A cyberattack can have a devastating impact on a professional services firm's reputation. Clients trust these firms to keep their data confidential and secure and a data breach can erode client trust and damage future business prospects.

The 2024 Professional Services Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies will walk the reader through all the attack types used against professional service organizations, but let’s take a look at one of the most prevalent.

 

Supply Chain Exposure

The report covers how threat actors have been successfully attacking third-party vendors. In many cases, this is done to gain access to an organization further up the supply chain.

However, professional services present an interesting dichotomy. Not only are they vulnerable to an attack on their supply chain, but after all, many tend to use multiple vendors to provide their services, and they are often part of another organization's supply chain. This fact could make them twice as appealing to the average attacker.

Trustwave SpiderLabs details how third-party software, particularly file transfer services like MOVEit, is a common cause of supply chain breaches in professional services. Later in the report, we’ll highlight several examples where MOVEit vulnerabilities were exploited to access sensitive data at firms like Ernst & Young, Deloitte, PwC, and Kirkland & Ellis. The report also details breaches caused by vulnerabilities in third-party cloud storage platforms and electronic discovery vendors used by professional services firms like Proskauer Rose, Quinn Emanuel, and Goodwin Procter.

To reduce the risk of being hit with a supply chain attack, Trustwave SpiderLabs suggests:

  • Vet Third-Party Vendors: Conduct security assessments and include strict cybersecurity clauses in contracts, requiring regular audits and breach notifications.
  • Review & Patch: Regularly review vendor security practices, conduct vulnerability assessments, and implement penetration testing.
  • Tighten Internal Controls: Enforce access controls, change control, and audit trails to monitor unauthorized activity.
  • Data Security: Encrypt sensitive data at rest and in transit, restrict access based on need, and monitor access logs for suspicious behavior.
  • Compliance: Ensure vendors comply with relevant data protection regulations.
  • Employee Training: Train employees on cybersecurity hygiene to identify and prevent phishing and social engineering attacks.

 

Trustwave SpiderLabs Industry Report Series

As previously noted, the professional services sector report is the latest in a series researched and published by Trustwave SpiderLabs. Please visit these for an in-depth analysis of the security issues facing each industrial sector:

Please download the 2024 Professional Services Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies for all the background details on these threats, the groups behind them, and how to properly defend your professional services firm.

Latest Trustwave Blogs

De-Risk Technology Transitions and Save Money with Trustwave

With all the issues happening in cybersecurity technology lately, such as CrowdStrike’s software update that caused massive outages worldwide last week, it behooves all organizations to take a...

Read More

How Cybercriminals Use Breaking News for Phishing Attacks

Trustwave SpiderLabs issued a warning that threat actors may attempt to take advantage of CrowdStrike’s software update that caused widespread outages by using the news as the center of a social...

Read More

Trustwave Response: CrowdStrike Falcon Outage Update

Trustwave is proactively assessing and monitoring our clients who may have been impacted by CrowdStrike’s recently rolled-out update for its Windows users. The critical issue identified with...

Read More