Login | April 19, 2024
Ransomware attacks multiple law firms
RICHARD WEINER
Technology for Lawyers
Published: June 17, 2016
It is here. In the law office. One of the worst forms of phishing is now deliberately attacking law offices, winning and getting away with it.
Ransomware.
It starts out as a phishing expedition. Click on the wrong link (by an untrained legal assistant, for instance), and a virus gets loaded into your system that systematically encrypts your data. You then get an email telling you that you can only get the key to de-encrypt your data if you pay. Cash.
Now, this is not related to stealing data, which is a separate, unrelated problem. This is a hijacking of data for a ransom. And you will have to pay to get your data back. There’s no way out of that.
Many of these ransoms are not for a lot of money in any given individual case. However, with the growth of billion-dollar law firms, that day is certainly coming.
The FBI has estimated that ransomware has cost U.S. businesses over $200 million in the first quarter of 2016. Kaspersky Labs estimates that almost 60 percent of all businesses suffered a ransomware attack in 2015.
Won’t happen to you? Nearly 50 of the top law firms in the country experienced ransomware attacks last year and many experts feel that these hackers are deliberately going after law firms.
So the advice from everyone from the ABA on down is to do everything you can to lock ransomware out of your computer system.
Here are steps that you need to take from various sources:
Encrypt all of your data yourself to start with. Have an actively monitored firewall (cheaper than paying a ransom).
Always, always (and constantly) back up your data. Either do this with a cloud service (which themselves have been subject to ransomware attacks here and there), or preferably into a dedicated storage server that is physically disconnected from the main firm system except for the times that it is backing up data. And monitor the backup.
Keep all hardware and software fully updated.
Block all executable files and compressed (zip) files. IT only! Educate staff to not open any that they see in email.
Continual training BTW.
Program hard drives on your computer network to prevent any unidentified user from modifying files.
Sorry but heavily restrict websites that employees can access from work. Lots of ransomware gets loaded through compromised websites.
This is pretty technical but have IT develop bait files (look it up).
Do it now!