Ransomware Attacks Hit Legal System

Ransomware has become the weapon of choice for cybercriminals. A recent report by SonicWall shows that nearly 100,000 ransomware attacks are happening per day in 2018, compared to 4,000 attacks per day reported by the FBI in 2016.

There have been several high-profile ransomware attacks specifically targeting the legal sector in the past few years. These attacks include a ransomware attack on the law firm DLA Piper, which was impacted by NotPetya, and an attack on the firm of Moses Afonso Ryan, which as a result sued its insurance company for $700,000 in lost billings. Firms and legal departments are advised to keep software up to date; maintain regular backups stored offline; train employees to be aware of social engineering attacks; and avoid clicking on phishing emails, opening suspicious attachments or clicking on malicious advertisements. They should use least privilege mode and consider using a protection solution that incorporates real-time behavioral analysis and machine learning.

Ransomware is a rapidly growing threat for all businesses, but for the legal sector the threat goes beyond the cost of simply paying a ransom. When a law firm or other entity in the legal sector is locked out of its IT for even a short period, it soon finds that it’s unable to meet important client deadlines, complete purchases or pursue court cases. This hasn’t escaped the attention of cybercriminals keen to exploit vulnerabilities in the software of firms that believe a cyberattack will never happen to them.