You’ve probably heard horror stories about ransomware attacks. No one is safe from these attacks: law firms both large and small are vulnerable. Now, in addition to the traditional cyber-attacks we’ve come to fear, a new wave of ransomware attacks is hitting law firms. With these new attacks, your law firm’s data isn’t just encrypted and held for ransom, but your clients’ confidential information may be released to the public when the ransom isn’t paid.
There are two key factors that ransomware attackers consider when choosing their victims: accessibility and high-value data. For example, large organizations like universities often have small security teams, making them an easier target for ransomware. And organizations like hospitals and law firms have highly sensitive data that they’re often willing to pay steep ransoms to keep private.
The coronavirus pandemic has forced many lawyers into home offices where they must rely on potentially insecure, or at least less secure, internet access and personal devices. And as legal teams continue to work remotely, law firms are left wondering if their data is safe from attack.
But first, what is ransomware?
Ransomware is a form of malware that encrypts a victim’s files, making them inaccessible until a ransom is paid to the attacker. The ransoms can range from a few hundred dollars to thousands, often payable to criminals in Bitcoin. One of the most common entry points for a ransomware attack is phishing spam: attachments sent to the victim in an email, masquerading as files they should trust. Once the files are downloaded and opened, the ransomware can take over the victim’s computer. Some other, more aggressive forms of ransomware exploit security holes to infect computers without even needing to trick users.
Holding data for ransom is the most common form of ransomware, but the latest evolution of ransomware attacks is being driven by a new form of ransomware known as Maze. In a typical Maze attack, the victim’s network is infiltrated and data is encrypted or made inaccessible. What comes next is what sets Maze apart from other cyber-attacks.
With a Maze attack, your data isn’t just encrypted, it’s also stolen, and victims of these attacks are listed publicly on Maze’s website. The hackers then demand two ransoms, usually totaling between $1 million and $2 million: one ransom to get their data back, a second ransom to have it destroyed. If you’re unwilling or unable to pay the ransoms, your data will be made available to the public.
How lawyers can compromise the security
The highly sensitive data that lawyers handle makes law firms a valuable target to hackers. Here’s a pretty shocking example that hit the news relatively recently: New York-based media and entertainment lawyers Grubman Shire Meiselas & Sacks have come under attack from the REvil (Sodinokibi) ransomware.
This ransomware is extorting the law firm, threatening to release sensitive files on the company’s celebrity clients. Grubman Shire Meiselas & Sacks are being extorted for a whopping $42 million ransom. The data at risk of being released to the public if the ransom is not paid includes contracts, nondisclosure agreements, phone numbers and email addresses, and private correspondence.
OK, so not all lawyers have celebrity clients, but all lawyers are responsible for keeping their clients’ data private and secure. And the longer we work from home, the more vulnerable our data is to ransomware attacks. So, how can you keep your clients and their data safe?
5 ways immigration lawyers can prevent attacks
The 2019 American Bar Association TECHREPORT noted that 36% of firms have had systems infected, and 26% of firms were unaware if they’ve been infected by malware. Larger firms are the least likely to know if they’ve suffered a malware attack. Security-minded legal professionals have been working hard to limit the amount of data that leaves their control and are opting for encrypted, highly secure, closed-loop systems for their most sensitive documents. Here is what you can do to help prevent ransomware attacks and keep your data safe.
1. Move to the Cloud
More law firms are moving client data and confidential documents from on-premise to cloud-hosted databases. Data is more secure when stored in a system with modern infrastructure and security protocols, instead of stored locally on an outdated system. Fifty-eight percent of firms use cloud technology to manage their clients and run their firms. The cloud provides the security law firms need to protect sensitive and confidential information. Physical security used at most data centers and routine data back-ups make cloud-based case management software more secure than an on-site database.
2. Monitor email
Hackers exploit technical vulnerabilities via email because lawyers rely heavily on email to manage cases and interact with clients. Lawyers must be trained to monitor email for links and executable files. These files launch automatically when clicked, but applying software restrictions on your devices can prevent executable files from starting up without your consent.
3. Update software and hardware
Application updates are necessary and should not be treated as optional. Each software upgrade provides essential security needed to ward off cyber-attacks. Skipping software and hardware upgrades may offer short-term savings, but you’ll be paying for it in the long-term — loss of data and raised insurance premiums are just two examples of potential costs.
4. Invest in a foreign national portal
A foreign national (FN) portal is typically an interface that’s part of an immigration case management platform made specifically for the foreign national. Through an FN portal, the foreign national or their dependents can log in and perform various functions such as adding personal information, uploading documents, and in some cases viewing the status of their case and interacting with their law firm.
The benefits of using an FN portal to manage immigration cases are numerous and varied. These portals give foreign nationals increased control over their information, which reduces anxiety and increases customer satisfaction. FN portals also guarantee greater data protection by allowing users to upload sensitive documents and otherwise interact directly with a secure, cloud-based portal with security built right into the process. With more access to their information, foreign nationals and their immigration lawyers might also exchange fewer emails, which increases the security of their communications.
5. Train employees on ransomware attacks
Believe it or not, humans are the main cause of most network outages and vulnerabilities. It takes just one human error to throw your entire law firm into chaos. But, you can actually train your employees to help ensure they understand cyber-security and best practices around it. Here are just a few cyber-security rules that are important to keep in mind:
- Never click on unknown links
- Do not open email attachments from unknown senders
- Be wary of downloads
- Protect your personal data
- Never use USBs of unknown origins
- Use a VPN when connected to public Wi-Fi
These steps will tighten your security measures and keep you safe from ransomware attacks.
How INSZoom can help
As data breaches at major law firms continue to make headlines, clients will begin to consider data security when choosing their lawyers. And by extension, lawyers have to consider the same thing when looking at the technology they use, especially their case management platforms. Lawyers are obligated to protect clients’ sensitive information from phishing, malware, and ransomware. And INSZoom is built with that in mind, whether related to GDPR and CCPA, data organization, or more.