Yesterday, the ABA Journal reported that a law firm right in our own backyard of Charlotte, North Carolina, was a target of a CryptoLocker attack. This attack, infamously known for targeting computers running Microsoft Windows, using a disguised email attachment to lure victims and ultimately hold files for ransom, has left this law firm paralyzed with inaccessible, encrypted files. The email attachment was innocently opened and mistaken for a voice mail message, normally received from the firm’s phone system. This is an easy mistake to make, which explains the $30 million “business” derived from this insidious approach.
While law firms are not singled out in this attack, they remain a key target. Why?
- Highly sensitive data (and a lot of it)
- Eagerness to cooperate to ensure data is protected and time is no longer wasted
- Slow (although steadily increasing) adoption of new technology
- Little to no spare time to implement preventive measures
Take the time to ensure your information and client data is protected. You will spend less time implementing sufficient legal IT solutions than chasing encrypted files, answering worried client phone calls and settling to pay ransom.
Charlotte-Mecklenburg police urge businesses to immediately turn off an infected computer and disconnect from the office network.
Prior to being faced with this situation, here are some actionable steps you can take to protect your firm:
- Keep desktops up-to-date
- Have the appropriate controls around email traffic, such as spam and phishing filters
- Create regular file backups – furthermore, create file snapshots for the last 30 days
To view the full story, click here.