It is well known that servers belonging to law firms often hold critical client and case data, time-sensitive and/or deadline-centric data, and, more generally, data that carries large risks and penalties if it is accessed by an unauthorized third party or becomes unavailable to the firm and its staff. The Panama Papers surely exemplified this.
But what makes the latest ransomware especially insidious to law firms? At one point, data breaches could target legal filings, scanned documents, images, contracts and more. But with ransomware, the bad actors no longer need to exfiltrate, or steal, this information. In fact, they don’t even need to identify how valuable the information is; they only need to assume your organization values it.
Because of this, the bad actors can heavily automate their attack methods, gaining efficiency and indiscriminate reach. Law firms are generally soft and lucrative targets for this. Bad actors can rely on the vulnerabilities in most networks, the vulnerabilities in your processes, and, most effectively, the weaknesses in your people. And if they get in, many ransomware variants are mathematically almost impossible to decrypt.
How can a legal firm fend off ransomware? What can they do if they are penetrated by ransomware? We will address both of these questions from the perspective of the legal firm.