Ransomware is increasingly targeting law firms and the number of victims around the world is growing. Recent news articles state more than 600,000 victims worldwide have been infected. The cost of a potential breach is steadily increasing, the Ponemon Institute's 2015 Cost of Data Breach study reports the average cost of a data breach in the United States now costs $217 per record.
Ransomware, most notably CryptoLocker and CryptoWall, is designed to encrypt all of a user’s files and documents, then extort them for as much as $10,000 in order to decrypt the files. Delivery methods are increasingly clever masquerading as email attachments, links inside an email, or links on a previously compromised website. The latest versions now include malware “downloader” modules – so all the files and documents are encrypted and additional malware is being loaded as fast as possible…even after the victim has paid the “fee”.
The good news is some basic steps can help reduce the likelihood your firm will fall victim to one of these attacks:
- Educate your users about phishing attacks and malware – encourage them to report phishing emails and especially report when they believe they “may have clicked on something”
- Make sure updates and patches are installed in a timely manner
- Advanced threat protection solutions exist to help block, detect and isolate malware
- Regularly backup your files from laptops and desktops to network drives or off-line storage so the files can be recovered if (or more likely when) you do suffer an infection
If you have questions or need assistance, please feel free to contact your RubinBrown advisor or any of our Cyber Security Advisory Services professionals.
Any federal tax advice contained in this communication (including any attachments): (i) is intended for your use only; (ii) is based on the accuracy and completeness of the facts you have provided us; and (iii) may not be relied upon to avoid penalties.
All Law Firms News Law Firms Overview