
Law Firms and Ransomware

Protecting Your Law Firm from Ransomware

Ransomware attacks occur when cyber criminals hold your data to ransom by encrypting it and demanding money for its decryption / release.

The best example of a Ransomware attack – which is one of the fastest-growing areas of cyber crime – is the WannaCry cyber-attack which devastated the NHS and many other institutions last year.

With ransomware attacks, there are fewer barriers to entry for budding cyber criminals to try their hand at digital extortion. Alarmingly, ransomware “toolkits” are readily available on the dark web and other dark corners of the internet, making it easy for amateurs to get in on the act and launch their own attacks.

In addition, the increasing popularity of “cyber economies” creates a potentially untraceable but lucrative, redeemable commodity.

The number of ransomware attacks on businesses is ever increasing – research by Kaspersky revealed that a business is attacked with ransomware every 40 seconds. Equally concerning is another statistic that 71% of companies targeted by ransomware attacks have been successfully infected.

This can only mean that many cyber defence firms and technologies are struggling to keep up with the ever-changing threat landscape.

So far as law firms are concerned, the impact of such an attack can be more devastating than to other businesses due to the heavy reliance on data, confidentiality, and the perception of stability which is vital to uphold. The financial, reputational and structural pillars of a law firm are at risk.

A survey conducted by Datto and Timico last year, which included 250 law firms and 750 other UK businesses, revealed that:

  • More than 25% of law firm victims of ransomware attacks ended up paying cyber criminals £5,000 or more to retrieve their data.
  • A third of ransomware victim law firms lost access to their data for more than a month, while 14% said it was “unrecoverable”.
  • 88% of law firms who were hit by this kind of attack experienced systems downtime of a week or more.
  • 53% estimated it cost their firm between £1,000 and £2,000 a day in lost revenue, due to systems being down. A third of law firms could not estimate the overall cost to their business, describing it as “unquantifiable”.
  • The effects of the attack were almost instant with 68% stating their data systems went from fully functional to essentially useless within seconds or minutes.

For regulated businesses, the stakes are higher. Access to a firm’s confidential client data by an unauthorised outsider poses a significant threat to client confidentiality, and therefore to SRA compliance and data protection compliance (a problem which will be magnified under the EU GDPR).

Can Ransomware Threats Be Mitigated?

Ransomware can be transmitted in 2 primary ways:

1. Traditionally, via fraudulent emails which relied on untrained or unsuspecting staff clicking on a malicious link or attachment.

2. More recently, cyber-criminals found a way to breach a security vulnerability in software operating systems. The WannaCry outbreak is a perfect example of such an attack using Microsoft’s operating system as an entryway into an organisation’s systems.

Our advice is that, in addition to security patching and update policies, staff training, security technologies and company policies such as regular (daily!) data backups and emergency protocols, it is vital that law firms have a sound Cyber or Data Incident Response Plan.

If your firm has been a victim of a Ransomware attack, then you will need immediate expert assistance.

CONTACT US TODAY:
0800-22-CYBER (0800 222 9237)


Nearly 500 law firms targeted by fraudsters in new email scam

The Law Society Gazette published a report confirming that fraudsters have attempted to infiltrate the IT systems of hundreds of firms.

In an update published by the Solicitors Regulation Authority, the regulator said it has seen increasing reports of attempted cyber-crime and warned solicitors to be wary of falling victim.

Firms have reported being sent emails saying their services are required: after they respond, the scammers send attachments or links to websites.

These attachments and links might contain malware which allows the perpetrators to control or undermine IT systems.

The SRA said some of the emails relate to a property sale and are sent from a ‘Margaret’ or ‘Mary Smollins’. The email [email protected] has been used to send rogue messages.

The SRA said: ‘While genuine potential clients might indeed send information in this way, law firms should be wary of the risks of malware infecting their IT systems, and take action appropriate to their business.’

Once malware is on a system, it can record everything typed over a long period to obtain passwords or financial details, copy or modify data on the system, and allow hackers to get into the firm’s network.

Firms are advised to use cloud-based computing for storing, accessing and processing information and to inform the police and SRA immediately if they have been contacted via these emails.

Other steps can include keeping software up to date, using an anti-virus system and using encryption on mobile devices. Files should also be backed up on a regular basis including at least one back-up that is not directly and regularly connected to the main systems.

In 2016 the SRA had reports of around £7m of client money being lost to cyber-crime. Almost half of all cyber attacks are aimed at small businesses.

IF YOUR FIRM HAS BEEN TARGETED IN A PHISHING OR SPOOFING ATTEMPT, OR WORSE STILL, HAS BEEN A VICTIM OF CYBER CRIME, CONTACT CYBER SECURITY HELPDESK LTD TODAY TO DISCUSS HOW WE CAN WORK TO MITIGATE THE DAMAGE CAUSED AND RESOLVE THE PROBLEM EFFICIENTLY