Ransomware Risks for the Legal Industry

CQR

With the recent disclosure of an international law firm falling victim to a ransomware attack, cyber-security concerns are heightened in the legal industry. Find out how you can protect your firm from ransomware attacks.


Ransomware is malicious software that takes control of and encrypts digital information, with the attackers demanding a monetary payout in exchange for the keys to decrypt it. Consequences of these attacks include six, seven, or even eight figure payouts to retrieve information, and paying these ransom demands presents additional risks and challenges of its own. On October 1st, 2020, the United States Treasury Office of Foreign Assets Control (OFAC) issued an advisory stating that paying or facilitating a ransom payment to a sanctioned person may violate OFAC regulations and result in civil penalties, which OFAC may impose on a strict-liability basis, i.e. even where the payer did not know the recipient was sanctioned[1].

The legal industry is a lucrative target for cyber-attacks because of the confidential client and personal information law firms are required to process and store. In addition, employees working remotely are an easier target for phishing emails that deliver malware, since much of the home office environment is beyond the control of the firm.


What can be done to protect your firm from ransomware attacks?

Protecting against ransomware comes down to two key things – Training and Technical Controls to reduce the likelihood of a successful attack, and Incident Management to respond when one occurs.

Training and Technical Controls

Technical controls are an effective first line of defense to prevent malicious actors from breaching systems. These include ensuring an effective data backup program (backups that are regularly tested by restoring from them, and kept offline or otherwise out of reach of a compromised user account, since ransomware routinely targets any backup it can reach), patch management, and least-privilege access to data. User training is an extremely valuable tool to safeguard against phishing attacks, which are a common delivery mechanism for ransomware. Educating users on how to identify suspicious emails or unsafe websites greatly reduces the likelihood of cyber-attackers finding a means to infiltrate your network.
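A backup program is only "effective" if you can tell that the copy you are about to restore from is intact. The following is an added example (it is not part of the original article and is not CQR's tooling) of the kind of integrity check a firm can run against a backup set: a manifest of SHA-256 hashes is recorded when the backup is taken and stored separately from the backup itself (for instance with the offline copy), and a later verification pass reports files that are missing, altered, or unexpectedly present. The sample files and the simulated tampering in `demo()` are constructed for illustration; the directory layout and file names are assumptions.

```python
import hashlib
import os
import tempfile
from pathlib import Path

CHUNK = 1 << 16  # read files in 64 KiB chunks so large backups do not need to fit in memory


def sha256_file(path):
    """Return the hex SHA-256 digest of a file, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root):
    """Map every file under root (relative POSIX path) to its SHA-256 digest.

    Record this at backup time and keep it apart from the backup data, e.g. with
    the offline copy, so that whatever alters the backup cannot also rewrite the
    manifest to match.
    """
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def verify_backup(root, manifest):
    """Compare the current contents of root against a stored manifest.

    Returns a dict with an overall ok flag plus the lists of files that are
    missing (present in the manifest, absent on disk), modified (digest differs)
    and unexpected (on disk but not in the manifest). Ransomware that encrypts
    in place shows up as modified; ransomware that renames to a new extension
    shows up as one missing entry plus one unexpected entry.
    """
    current = build_manifest(root)
    missing = sorted(set(manifest) - set(current))
    modified = sorted(k for k in manifest if k in current and current[k] != manifest[k])
    unexpected = sorted(set(current) - set(manifest))
    return {
        "ok": not (missing or modified or unexpected),
        "missing": missing,
        "modified": modified,
        "unexpected": unexpected,
    }


def demo():
    """Build a constructed backup set, record its manifest, simulate tampering, re-verify."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "clients").mkdir()
        # Constructed sample files; names and contents are assumptions for the example.
        (root / "clients" / "matter1.docx").write_bytes(b"engagement letter for matter 1")
        (root / "clients" / "matter2.docx").write_bytes(b"discovery index for matter 2")
        (root / "billing.csv").write_bytes(b"matter,hours\n1,3.5\n2,7.0\n")

        manifest = build_manifest(root)      # taken at backup time
        before = verify_backup(root, manifest)

        # Simulate ransomware reaching the backup: one file encrypted in place
        # (modelled here as being overwritten with random bytes), one renamed.
        (root / "clients" / "matter1.docx").write_bytes(os.urandom(64))
        os.rename(root / "clients" / "matter2.docx", root / "clients" / "matter2.docx.locked")

        after = verify_backup(root, manifest)
        return {"before": before, "after": after}


if __name__ == "__main__":
    result = demo()
    print("before tampering:", result["before"])
    print("after tampering: ", result["after"])
```

The check is deliberately simple: it detects that a backup has been altered, not who altered it. It is most useful when the manifest lives somewhere the backup host cannot write to, and when it is run as part of a scheduled restore test rather than only after an incident.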

Incident Management

While training and technical controls will significantly reduce the risk of a ransomware attack on your network, criminals are learning and evolving every day, so the risk of an attack will never be completely removed. In order to respond to a cyber-attack quickly and efficiently, and to recover from it, it is critical to have comprehensive and appropriate incident response procedures in place before an incident occurs.

Assess your Security Posture and Readiness

This is where the ISO 27001 framework comes into play. ISO 27001 is an internationally recognized standard that specifies the requirements for an Information Security Management System (ISMS). It provides a mechanism to review the effectiveness of that management system and to ensure that all security initiatives are aligned with industry best practice and are properly executed. ISO 27001 provides a practical, risk-based approach to the implementation of technical security controls, governance, and incident management.

What can you do?

CQR can help your firm implement an Information Security Management System to help prevent cyber security incidents. Our program includes assessing against ISO 27001, training your employees to recognise phishing emails, and helping you to maintain a security posture that will reduce your risk and exposure. Get in touch to discuss.


[1] https://home.treasury.gov/system/files/126/ofac_ransomware_advisory_10012020_1.pdf
