Four Steps to Reduce Your Ransomware Exposure

Picture this classic movie image: A worried parent sits by the phone, waiting for a ransom demand for the release of a kidnapped loved one. Police officers sit nearby, waiting for the information they need to locate the victim and bring the kidnapper to justice.

Now try picturing the modern-day law firm equivalent: A worried attorney sits in front of a computer monitor, waiting for a ransom demand for the release of encrypted files. But in this situation, there’s nothing that law enforcement can do. This is ransomware.

Ransomware is a type of malware that prevents a user from accessing an infected computer system by encrypting files on the system’s hard drive. Much like a kidnapper, ransomware demands that the user pay a fee for the key to release, or decrypt, the affected files. 2016 has seen ransomware attacks increase in frequency and broaden in targets. In February, CNN reported that Hollywood Presbyterian Medical Center in Los Angeles paid $17,000 in bitcoin for a decryption key. In March, “The Guardian” reported that the “New York Times,” the BBC, AOL, and the NFL had all been attacked by ransomware through their advertisements. And in April, “Time” reported that a law firm in Tulsa paid $500 for the release of its files.

How do computer systems become infected with ransomware? According to the Federal Bureau of Investigation, “In a ransomware attack, victims, upon seeing an e-mail addressed to them, will open it and may click on an attachment that appears legitimate, like an invoice or an electronic fax, but which actually contains the malicious ransomware code. Or the e-mail might contain a legitimate-looking URL, but when a victim clicks on it, they are directed to a website that infects their computer with malicious software.”

What are the implications for litigation attorneys? Consider the contents of a hard drive. Access to depositions, exhibits, and legal video is frozen. Calendars marked with response dates, roster meeting dates, and trial dates disappear, leaving a litigator schedule-blind. Law practice business accounts may be compromised. In a worst-case scenario, client trust accounts may be compromised as well. And none of this escapes the attention of the American Bar Association. In the ABA Model Rules of Professional Conduct, Rule 1.6(c) states, “A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.”

So what can lawyers, paralegals, and legal staffs do to defend against a ransomware attack? The “ABA Journal” offers these recommendations:

• Block executable files (such as “.exe” files) and compressed archives (such as zip files) containing executable files before they reach a user’s inbox.

• Keep operating systems, browsers, and browser plug-ins, such as Java and Silverlight, fully updated.

• Program hard drives on your computer network to prevent any unidentified user from modifying files.

• Regularly back up data with media not connected to the Internet.
