Guest Post by Craig Petronella
You know when you are craving a food … let’s say pepperoni pizza … you think about it all day. You dream about it at night. You’re trying to watch your figure, but that warm, stretchy, gooey, deliciousness won’t stop haunting you.
So you give in. You’re going to have “just one slice” but before you know it, you’ve eaten an entire medium pizza by yourself. But it doesn’t stop there. You have pizza the next day, too. And the next day. And in fact, you have pizza so much, you literally get sick from it. A year goes by and the thought of eating another slice makes you nauseous. You reached Pizza Fatigue.
Today’s Cybercriminals are getting more and more sophisticated. Alta Pro invites you to join in on a conversation with attorneys Kevin O’Hagan and Jamey Davidson, recognized thought leaders in Data Breach and Cyber Liability. The FREE one-hour CLE webinar “10 Things Lawyers Should Know About Cyber Liability” will be presented Tuesday, March 31 (12 PM Central/1 PM Eastern). This webinar is approved for one hour of free CLE credit as a benefit of your Alta Pro RPG membership. Seats are limited, so reserve yours today.
The same concept exists in the cyberworld. But instead of craving pizza, you become numb to breaches. Not only do you hear about data breaches practically daily, but you yourself and your business have also been violated by hackers. Probably more than once!
As former Head of the FBI Robert Mueller stated: “There are only two types of companies: those that have been hacked, and those that will be. Even that is merging into one category: those that have been hacked and will be again.”
So instead of trying to proactively fight against the hackers, people with breach fatigue throw their hands up in the air and scream “What’s the point!?” before then burying their heads in the sand and making themselves easy targets.
Recovering from Breach Fatigue
Look, we understand. Truly, we do. It’s a lot to take in. There is a lot to do and sometimes it feels like, no matter what you do, it’s not good enough. But hackers rely on breach fatigue to wear you down… don’t let them win!
It’s one thing for regular individuals to suffer from breach fatigue; after all, your employees’ livelihoods aren’t based on whether you can get images of their Aunt Sally’s 82nd birthday decrypted or not. If you own a small business (or a large one, for that matter), you CANNOT demonstrate the defeatist attitude of breach fatigue and expect to keep your business going.
Law Firms are Latest Black Hat Hacking Trend
Five law firms have been breached by cybercriminal group Maze in recent months, and the results have been devastating. Not only have these criminals STOLEN data, but they’ve also released extremely sensitive protected health information (PHI) from veterans’ pain diaries in connection with personal injury cases. This breach will surely call in the HIPAA watch dogs from the Office of Civil Rights, and should be a warning to ANY company with ANY access to sensitive PHI.
In addition to the law firms, Maze has also wreaked havoc on local government databases and numerous other businesses, infiltrating their networks with ransomware, encrypting and stealing sensitive data and files and then demanding ransoms. If the ransom isn’t paid, Maze releases or deletes the data, which includes HIPAA consent forms, PHI, VA documents and more.
Among Maze’s victims are two law firms that are involved in disability litigation with the U.S. Department of Veterans Affairs, Baker Wotring (TX) and Woods LLC (IN). The law firms have notified the FBI and though their businesses were compromised by the breaches, neither firm has had to close its doors, due to preventative cybersecurity measures that were in place.
Is your business safe against bad agents, such as Maze? Most aren’t.
If you practice in Wisconsin, Texas, Minnesota, Ohio, Illinois, Indiana or Michigan, you can stay a step ahead of the competition by being a member of Alta Pro Lawyers RPG. You’ll get access to free webinars, the Pro Practice Playbook, Reminger ProLink, Ask the Risk Pro and more. Here’s how to join.
About the Author
Craig A. Petronella is the CEO of Petronella Technology Group Inc, a cybersecurity group that specializes in helping law firms with security and compliance. With 30 years of experience, he is the author of “How Hackers can Crush your Law Firm,” Peace of Mind Computer Support” and other titles. MIT Certified: AI, Blockchain & Hyperledger. Phone: 919-601-1601; Helpdesk Support: 919-422-2607. For more information about a cyber-crime risk assessment call: 1-877-468-2721
