Five Law Firms Hit By Ransomware Attack

Last update

at

by:

by:

Share

Print Friendly, PDF & Email
Sign up for the FREE CLE webinar "10 Things Lawyers Should Know About Cybersecurity" on March 31.

The phrase “ransomware” sounds scary enough already, but for law firms it is even more ominous.

That’s because firms are entrusted with large amounts of confidential and sensitive data belonging to their clients and others. The consequences can be dire indeed if this information is seized and held hostage.

Recently, hackers have taken this approach, with at least five firms being attacked in January 2020.

“The attacks are part of a coordinated effort potentially affecting nearly 200 victims,” writes attorney and risk management expert Seth Laver for Professional Liability Matters. “Rather than delivering a ransom note to the infected system and waiting for payment, the recent hackers are publishing the victim’s name on a public website. If the victim does not pay, the hackers post a small amount of stolen data–client data–online as proof. Still won’t pay? Then the hackers slowly publish the client’s remaining data. The hackers are leveraging the target law firm’s obligation to maintain client data and to make the impossible decision of paying the ransom or publicly expose a client’s information.”

Today’s Cybercriminals are getting more and more sophisticated. Alta Pro invites you to join in on a conversation with attorneys Kevin O’Hagan and Jamey Davidson, recognized thought leaders in Data Breach and Cyber Liability. The FREE one-hour CLE webinar “10 Things Lawyers Should Know About Cyber Liability” will be presented Tuesday, March 31 (12 PM Central/1 PM Eastern). This webinar is approved for one hour of free CLE credit as a benefit of your Alta Pro RPG membership. Seats are limited, so reserve yours today.

The threat to law firms and their clients has “magnified substantially,” Laver reports. The ransomware of choice in the January attacks was apparently Maze software.

“The FBI warned of Maze in December 2019, and called for vigilance to combat this particular attack which began hitting the US in November 2019,” according to Professional Liability Matters. “According to the FBI, Maze used multiple methods for intrusion, including spam communications that impersonate government agencies and others. Of course, Maze is just one of different strains of ransomware emerging of late.”

Hackers can’t cause damage without first breaking into your network. They do that by delivering ransomware imbedded in emails with PDF, ZIP, Word, Excel attachments.

“Opening a malicious attachment may deploy the ransomware immediately or in the future,” Laver writes. “We don’t yet know the exact nature of these attacks, but it is generally understood that the vulnerability is the point of access and therefore the need to take precautions to shore up phishing security.”

Risk Management Takeaways:

  • Sign up for the FREE webinar “10 Things Every Lawyer Should Know About Cybersecurity in 2020.” The program is presented on March 31. It carries one free hour of lawyer CLE credit. Sign up here.
  • Train your staff to identify and report suspicious emails: “think before you click.”
  • Learn about emerging threats and attack mechanisms.
  • Contact the sender directly if the email directs you to transfer money or if red flags go off for other reasons.
  • Purchase cyber liability insurance. 

If you practice in Wisconsin, Texas, Minnesota, Ohio, Illinois, Indiana or Michigan, you can stay a step ahead of the competition by being a member of Alta Pro Lawyers RPG. You’ll get access to free webinars, the Pro Practice Playbook, Reminger ProLink, Ask the Risk Pro and more. Here’s how to join.

Share

Print Friendly, PDF & Email

Related Posts on Altaprorpg.com!

Alta Pro Logo Icon

About the Editorial Staff

In an age of consolidation where increasingly impersonal transactions have made customer service an oxymoron, we bring together independent agents, insurance companies, and other industry specific service providers to develop and deliver insurance products and risk management solutions that benefit our insurance customers.

March 13, 2024 1:00 pm EST
1.0 Regular Credit
September 18, 2024 1:00 pm EST
1.0 Regular Credit

Join Our Newsletter

Occasional newsletters and CLE invites

Find Us on Social

Upcoming CLE Webinar: Ethical Uses of Generative AI in the Practice of Law

March 13, 2024 1:00 pm EST
CLE Credit: 1.0 Regular

Ryan Groff

Casetext

Archives

Need Help?

Visit our Frequently Asked Questions page. 

Or email us directly at info@altaprorpg.com

Or submit your issue in the comment form below and we will respond as soon as possible.