Explore Legal.io

For Clients
Legal.io company logo
Hire Talent
Find the best fit for any legal role
For Members
Jobs
The best legal jobs, updated daily
Salaries
Benchmark compensation for any legal role
Learn
Learn and grow with our community
Events
Connect with peers at exclusive events
Apps
Tools to streamline legal work
Advertise on Legal.io
Post a job for free
Reach more qualified applicants quickly
Advertise with Us
Reach a targeted audience

For Clients

Hire Talent
Legal.io company logo
Solutions
Find the best fit for any legal role
New Hire
Get highly qualified candidates in days
Popular Roles
Data & Tools
Budget Calculator
Plan and manage your legal budget
Salary Insights
Compensation data for legal roles
Vendor Directory
The ultimate list of legal tech tools

The Sound of Risk: Mapping Keystrokes with Deep Learning and Its Implications for Law Firms

Explore the recent research on deep learning and keystroke mapping, achieving 95% accuracy in translating sounds to letters. This article highlights how this technology unveils new security concerns, focusing on law firms' unique vulnerabilities, including data breaches and cyberattacks on valuable client information.

The Sound of Risk: Mapping Keystrokes with Deep Learning and Its Implications for Law Firms

Law firms, an essential component of the corporate world, are finding themselves increasingly in the crosshairs of cyber attackers and hackers, and new threats emerge continuously. A recent study by researchers Joshua Harrison, Ehsan Toreini, and Maryam Mehrnezhad has unveiled a deep learning model that can map recorded sounds of keystrokes to their corresponding letters with an astonishing 95% accuracy. This is how: 

  • Researchers pressed 36 keys on a MacBook Pro 25 times each, recording the sounds with an iPhone 13 and over a Zoom call.
  • The keystrokes were translated into spectrogram images, trained as an image classifier.
  • Further adjustments in the modeling process helped achieve the high-accuracy model detailed in the research paper.

Universal availability of microphones, coupled with advancements in machine learning, has brought a new dimension to security concerns. For law firms, this threat is particularly acute. With class actions filed against major firms like Bryan Cave Leighton Paisner and others, the legal sector has become a sweet spot for cyberattackers. Storing valuable data ranging from employee health and financial information to patent specifications and merger plans, law firms offer a treasure trove of top-secret and valuable information.

More than a quarter of law firms in a 2022 American Bar Association survey said they had experienced a data breach, up 2% from the previous year. The diversity of client data handled by law firms makes them valuable targets for cybercriminals. From financial statements to medical data and criminal records, the information is akin to currency in today's digital world. And yet, according to some experts, law firms lag behind industry best practices in cybersecurity.

Many firms lack the budgets to invest sufficiently in cyber defenses, making them soft targets for hackers seeking client data. Balancing maximum security with the need to share data across a firm creates a level of risk that many law firms struggle with. The lack of investment in adequate cyber defenses is no excuse, and industry standards must be adhered to, say legal experts.

The research conducted on deep learning to map keystrokes sheds light on a new angle of attack. The study utilized common devices, including a Macbook Pro known for its relatively quiet keyboard, and an iPhone 13. Countermeasures do exist, but the authors ultimately conclude that to be truly secure, a move away from typed passwords may be necessary.

As law firms grapple with the ever-changing landscape of cybersecurity, the recent revelations about deep learning's ability to map keystrokes present a unique and unsettling challenge. The threat goes beyond real-time surveillance; historical data, including recordings of meetings and webinars that may contain incidental keystroke sounds, could be susceptible to this new form of attack. In a world where data is currency and law firms are entrusted with highly sensitive information, this never-ending battle against bad actors will requires continued vigilance, innovation, and an unwavering commitment to safeguarding the very foundations of client trust and confidentiality.