How a Lawyer Handled a Ransomware Demand

An article in a freight industry trade journal describes how a South Carolina-based attorney guided a trucking company through a ransomware attack. The company was well backed-up and had its systems online again quickly, but the hackers threatened to post or sell the company’s stolen data. Following the attorney’s advice, the company ignored the threats. According to the attorney, that decision was made after a risk discussion, and in light of the FBI’s advice not to pay. She says that a different set of risks might have led to a different decision, but payment doesn’t guarantee that stolen data will never be posted or sold in any case. Assessing the impacts on employees, contractors, partners and customers is an important part of the analysis, as are the disclosure requirements in the state where the demand takes place. The attack was traced to a phishing email that had been opened by an employee. The company’s data was ultimately leaked.