Back in the day, keeping your law firm secure was mostly about putting important files under lock and key. A security breach meant an actual physical intruder or theft.
Now, law firm security is far more complex. There are more types of threats to consider — from phishing attacks to digital eavesdropping to botnet attacks. Not only are there significantly more bad actors on the scene, but they can infiltrate your firm’s confidential documents and critical data from anywhere in the world. And they could have hundreds or even thousands of potential entry points through your team’s various app accounts and devices.
To help your firm stay secure, it’s important to understand the threats you’re up against. One of the primary cyberattacks against law firms today is ransomware. Here we’ll walk through what ransomware is, where it comes from, the risks for your firm, and tips and resources you can implement to help prevent ransomware attacks.
Ransomware is a type of malware designed to hold a victim’s data hostage until an untraceable ransom payment is made. This can be accomplished by locking users out of their desktop, laptop, or mobile devices, or by identifying data storage drives on the infected system and encrypting the files within each drive. (In other words, your documents and data become completely unreadable unless you have the correct cryptographic key.)
The scariest part is that it doesn’t stop there.
Most ransomware attacks go undetected until after the damage is done. If you don’t have the right preventive measures in place, the initial ransomware infection can quickly hitch a ride to every shared device or file that was accessible from the original computer.
Of course, even when the victim pays up, there’s no guarantee the cybercriminals will actually decrypt the data. In fact, many go on to extort more payments from the victim using threats to expose sensitive data or sell it on the dark web.
Law firm ransomware attacks take countless forms and exploit a constantly evolving mix of hardware, software, and human vulnerabilities. Some of the more infamous ransomware families you may have heard of include Locky, CryptoLocker, Petya, and WannaCry; all of them render infected data useless or inaccessible.
The most common attack vectors for ransomware are an unsuspecting member of your team opening a phishing email or downloading a malicious file. But who’s behind it?
The truth is ransomware attacks can come from a single bad actor in search of bragging rights — the way a vandal might choose a car at random to steal or slash a tire. Often, however, these attacks are more organized, sinister, and deliberately targeted. After all, if the hacker is going to go to all the trouble of initiating an attack, they want to ensure their target can actually pay out.
You don’t have to be a mega-corporation with incredibly deep pockets to be a target for ransomware.
The Ohio State Bar reported almost 25% of ransomware attacks target professional services firms, especially small and midsize law firms, and the average ransom payment was more than $220,000. This may be due to SMBs underestimating their risk and failing to take the proper precautions against ransomware and other security threats.
And we’re all familiar with the high-profile attacks against larger firms over the last five years.
There’s no question that law firms can be a particularly tempting target — not just because of the money, but because of the sensitive client and matter information they possess.
In 2020, the ABA Journal reported on two small law firms whose data was attacked by the hacking group Maze. In past incidents, Maze has demanded ransoms of more than $1 million for similar attacks, dramatically impacting the growth of its victims.
In light of these attacks, it’s clear that if you haven’t experienced a ransomware attack yet, the odds are that your turn is coming, and the risk goes up every year. The Joint Cybersecurity Advisory on 2021 trends reported an increased, globalized ransomware threat, with incidents observed against 14 of the 16 US critical infrastructure sectors.
Put simply, you should think of a law firm data security breach in terms of when, not if.
The combined impact of these kinds of cybercrimes is mind-blowing, with losses running into the billions. The disruptions hit just about every sector you can think of, sometimes disabling vital systems that sustain law firms, financial institutions, hospitals, airlines, and even critical infrastructure networks.
There are many ways you can help prevent — and mitigate the effects of — ransomware attacks against your law firm. The more precautions you can implement, the better off you’ll be. Here are eight steps you can take.
Make sure you have written data protection, disaster recovery, and incident response plans in place. It’s also important to share them widely in your organization so that everyone understands their role in protecting your data. Ensure buy-in from top leadership because this is a business decision, not just an IT decision. Regular phishing and attack surface tests are very effective tools to raise awareness and vigilance.
Ransomware attacks often start with phishing, where the attacker gains access to the network by stealing a legitimate user’s password. Reduce this risk by using both multifactor authentication (MFA) and password management tools.
MFA requires at least two forms of verification for a user to gain entry to the system — for example, a correct password and a push notification or call to the user’s mobile phone. Password management tools can enforce sufficiently complex passwords, regular password updates, and other security best practices that will limit opportunities for bad actors to access the system.
Ransomware protection isn’t a one-and-done activity. Cyber threats evolve rapidly to get ahead of new security measures, and new vulnerabilities will open up with shifting user habits and as you adopt new hardware and software. It’s important to keep your apps updated so you’re protected against the latest threats and vulnerabilities.
Follow a rigorous IT process for installing antivirus software, email filtering features, and anti-malware applications, and be sure to keep your operating system up to date. Even the most powerful security tools are no good if your people don’t adopt them — so train, train, train. And implement measures that are “invisible” and seamless for users.
There are business continuity software platforms that can help you recover from a ransomware attack by restoring your systems to the last known safe state before the attack took place. The best ones allow flexible physical and virtual restoration.
If your backup files are accessible from your daily operating platform, chances increase that they can become infected when your endpoints “phone home” to upload new versions. Separate storage appliances are widely available at a variety of price points.
The FBI, the Department of Homeland Security, and the Cybersecurity and Infrastructure Security Agency (CISA) all publish regular reports and updates on new trends and vulnerabilities to watch out for. You can subscribe to authoritative newsletters and adjust your protection plans regularly.
You should also ensure the teams behind your most important apps and platforms are vigilant about recognizing and responding to new security threats. It takes reliable partners to help keep your data safe and secure. Learn how NetDocuments helps law firms meet — and exceed — security and governance requirements.
Your team members might not be fooled by a classic “Nigerian Prince” scam email, but malicious emails and other cyberattacks are growing far more sophisticated. Provide ongoing security awareness training that covers common phishing techniques so your team can recognize potential threats and know what to do when they encounter one.
The most important thing you can do for your firm is to stay vigilant and stick relentlessly to common sense best practices. Taking preventive measures and increasing awareness will ensure you’re prepared for today’s never-ending data protection battle.
The NetDocuments platform is designed to help you gain control of your documents, emails, and discussions. While your data is within our platform, our award-winning security solution provides a flexible and robust framework that can help protect you from ransomware attacks. Want to learn more? Schedule a demo today!
Get more tips on how to prevent a data breach by watching this free, on-demand webinar.