TRAINING AND IMMEDIATE RESPONSE ARE CRUCIAL
Everyone in a law firm should be trained to recognize the early signs of a ransomware attack. There are tools available that will send fake phishing emails to simulate a ransomware attack, test for vulnerabilities and provide valuable information to use in adapting training efforts around common pitfalls.
Any initial sign of a ransomware attack should prompt a user to immediately disconnect from the law firm’s IT network by removing both hardwired (LAN) connections and Wi-Fi access. Once the computer is completely disconnected from every other system, it can be assessed for possible damage. There are services that will do this, but if cost is an issue, software is also available. However, every trace of the malware must be found and removed, or it will just spread again.
In addition to training staff and lawyers on how to recognize a ransomware attack and what to do if they suspect it’s happening, a firm should regularly back up all its data, preferably to the cloud or an off-site location. That way, if there is an attack, a clean backup is available to reinstall once every trace of malware is removed from the on-site systems. Cloud backup services also regularly scan data for known viruses and other malware, which acts as a stopgap for any measures a firm has in place.
AN OUNCE OF PREVENTION CAN MITIGATE RISK
Ransomware attacks against law firms are only going to increase. Sooner or later, a phishing attempt will sneak in. That’s why everyone should know to watch for the early signs of an infection and how to respond to mitigate potential damage.