Being prepared and knowing the steps to take after a ransomware attack may reduce a law firm’s legal, ethical, operational and even reputational exposure.
The recent NotPetya and WannaCry attacks resulted in the lock down of key data and hence operations at multinational businesses and global law firms like DLA Piper in at least a dozen countries. Two victim enterprises were from New Jersey.
Ransomware attacks on law firms are growing. The unprepared law firm, and, by extension their clients, are vulnerable to ransomware attacks causing them to eventually succumb to paying a ransom to hopefully unlock data and resume business. Most of the damage caused by a ransomware attack can be easily prevented by following the below ransomware defense best practices:
- Monitor Cybersecurity Threat Alerts published by governmental entities and across multiple industry sectors.
- Monitor release of Patch Alerts to maintain up-to-date patching of your systems to address potential critical vulnerabilities. Check to make sure Microsoft Security patch notifications released since March have been employed.
- Conduct security awareness training at least every six months for employees and management. Be sure to conduct testing on the training.
- Implement an Incident Response Plan that specifically involves ransomware response methods.
- Conduct rapid response drills with the Rapid Response Team Members to ensure knowledge of each member’s role and responsibility.
- Adopt segmented networks. Back up critical data off line and adopt a method by which to communicate outside of normal channels to ensure business continuity.
- Purchase cyber liability policy insurance through a knowledgeable broker and make sure that coverage includes ransomware attacks.
- Consider reporting ransomware incidents to law enforcement before making a decision to pay the ransom.