Ransomware has become the premier weapon of choice for cybercriminals to launch cyber attacks, cause disruption and generate significant revenue. While some argue that ransomware attacks are slowing down, the data shows otherwise. A recent report by SonicWall shows that nearly 100,000 ransomware attacks are happening per day in 2018. This is a whopping 25 times higher than the previous number of 4,000 attacks per day that was reported by the FBI in 2016.
From a cybercriminal’s perspective, the motivation to continue launching ransomware attacks remains high. This is due to several factors:
To make matters more challenging, the legal industry remains largely unprepared to defend itself effectively against ransomware. It’s cost-prohibitive for many companies to replace their older PCs and servers with newer, more secure systems. It’s also difficult to keep the PCs and servers up to date with the latest software. Legacy systems and outdated software have vulnerabilities that are well known and well documented in the security community. In fact, known vulnerabilities were exploited to shock the world in both the WannaCry and NotPetya ransomware attacks in 2017.
We’ve also seen several high-profile ransomware attacks specifically targeting the legal sector in the past few years, including: a ransomware attack on the big law firm DLA Piper, which was impacted by NotPetya; the Montgomery County Court Systems, which were forced to pay over $40,000 to regain access to their data and spend an estimated $250,000 in the months following the attacks to upgrade their security capabilities; and the City of Atlanta, which was impacted by the SamSam ransomware variant, causing its Police Department to lose years of dash cam video evidence.
When it comes to law firms and accompanying entities in the legal ecosystem, such as courts, court reporters, evidence departments, patent offices, and city offices, ransomware attacks become increasingly harmful due to the sensitive nature of the data and documents that each of these offices handles and stores. The documents are often confidential, personal, and sometimes irreplaceable.
Can you imagine a document containing a proprietary patent-pending invention for a business being rendered inaccessible due to a ransomware attack? Or a family will being destroyed? Or evidence for a crime scene getting encrypted?
Ransomware attacks not only make such critical documents inaccessible, but the attackers can also threaten to release sensitive information to the public if the ransomware payment is not made in a timely fashion.
Taking it a step further, law firms that fall victim to ransomware not only have to recover and safeguard sensitive data but also face a direct hit to their incoming revenue. A law firm in Rhode Island recently sued its insurance company for $700,000 of lost billings as the result of a ransomware attack.
Given the prevalence of ransomware attacks in the legal sector, how can firms protect themselves? The key is to implement a defense-in-depth, layered security approach. Here are some tips that can help firms gain an advantage over adversaries:
The Internet is a dangerous place and ransomware never sleeps. It is prudent to take the above measures to heart and implement them, because, as the saying goes, an ounce of prevention is worth a pound of cure.
Copyright © 2018 Legal IT Professionals. All Rights Reserved.