Threat Watch

Michigan’s Online Bar Exam Disrupted by Cyber-Attack

On Tuesday morning, prospective lawyers wishing to take the Michigan bar exam online found themselves locked out of the exam software. According to statements from state bar officials and ExamSoft, the company providing the exam system, the lockout was caused by a cyber-attack on the exam system. Few details of the attack are being made public at this time, as the investigation is ongoing, but what has been revealed is that a “sophisticated cyber-attack” targeted the login process for the exam which then caused “a glitch” that locked all users out of the exam. ExamSoft was adamant that at no time during the attack were any users’ details compromised.

ANALYST NOTES

While this attack could have been significantly worse and it was lucky that no data was compromised in the attack, attacks like these can be disastrous for any organization. Any time an attack takes place there is a loss of trust from current and prospective users/clients in the organization that was attacked. Even the claim that “no data was compromised” gives little reassurance after numerous organizations in the past has made similar claims only to have to admit later that data was, in fact, compromised. For this reason, it is important for organizations to work to prevent cyber-attacks before they happen and to work to stop attacks as early as possible. Following an attack, it is important to monitor criminal underground forums and marketplaces where cyber-criminals might leverage any stolen data. This can aid in response from both security and public affairs personnel. Endpoint detection and response services and SIEM monitoring aid greatly not only in allowing security personnel to cut off an attack before it is able to cause damage but to also recognize reconnaissance activity from attackers being carried out prior to an attack. Social media and Darknet monitoring can provide vital insight into what cyber-criminals are doing and are interested in, which allows organizations to put security policies in place to defend against attacks before they happen and to respond to further threats from criminals. More information on this incident can be found at: https://news.bloomberglaw.com/business-and-practice/cyber-attack-locks-michigan-bar-exam-takers-out-of-online-test