Ransomware – either locking access to business data, or copying it and demanding payment to prevent publication (often both) – is a common way for cybercriminals to monetise data access.
Law firms in the United States have faced a sustained campaign of such ‘data kidnapping’ for some time (see a brief report).
The extortion of legal services company Law In Order last month shows that the risk to our legal sector is no longer theoretical. Data kidnapping is a nightmare scenario for any business that has confidentiality at the heart of its relationships with clients, and requires a serious response in line with the magnitude of the threat.
Australia’s peak data security agency has launched a new anti-ransomware campaign in response to the increased incidence.
Other steps firms should follow include:
- Limit the information each user can access to only what they need.
- Ensure all software on all systems is always up to date (including laptops/routers at home).
- Encrypt archives of past email and closed files.
- Keep up to date with emerging threats and responses via Queensland Law Society news reports and other trusted advisors.
- Plan in advance what you will do if faced with such a demand. There are many things that need to be done quickly and an ethical element to consider.
- Ensure your cyber-insurance is adequate. The high-quality cyber cover provided by QLS to QLS member firms (more information) is an essential support during a data incident, but the $50,000 cap may not cover the full ransom and other costs. Top-up cover at competitive rates is available.