According to a 2021 Cyber Threat Report by SonicWall, ransomware attacks have jumped by 158 percent in North America. A recent article in Security magazine noted the pandemic and resulting shift to a largely remote workforce in the U.S. created a perfect storm of opportunity for bad actors to turn technology against countless businesses, organizations and government entities.
What a Ransomware Attack Looks Like
In practical terms, cybercriminals first gain access to a law firm’s network and files through a variety of means, most of which appear on the surface to be legitimate. At some point, the attackers encrypt the firm’s files and lock the firm out of its own computer system. Generally speaking, the firm is cut off from its files until a ransom is paid to the attackers. There are, of course, no guarantees the files will be unlocked if the ransom is paid or that other malicious code isn’t embedded for a second or subsequent ransomware attack after the fact.
For context, a typical ransomware demand in 2018 amounted to payouts averaging approximately $5,000. That same ransomware demand today averages approximately $100,000. And these cybercriminals are increasingly playing a long game. They gain access and lurk in the background of law firm networks for weeks or months while gathering a treasure trove of data and intelligence before finally seizing the firm’s ability to conduct any business.
As a result, the insurance industry is seeing a dramatic increase in two of the biggest claims to come out of the post-2020 COVID-19 work environment: ransomware and wire transfer fraud. Data from Chainalysis found a 311 percent increase in the amount of money paid by ransomware victims in 2020, nearly three times the amount paid in 2019. Moreover, the company notes this is a largely underreported crime, for obvious reasons. The real total paid to ransomware attackers is likely much higher than what has been reported.
How to Protect Your Firm from Ransomware
Law firms need not fall victim to cybercriminals. There are steps that can be taken to help better protect your firm from a ransomware attack:
- Frequently back up your files, preferably to a secure cloud server
- Enable two-factor authentication to add additional security around your network
- Educate employees, especially those working remotely, about the threats to your network
- Ensure all remote employees have a Virtual Private Network (VPN) to connect through from their home office environments
- Regularly consult with your IT team; have them assess your risk of exposure at least annually
However, even the most vigilant law firms can fall victim to a ransomware attack. Whether through an innocuous PDF, email or link, or even code or security holes embedded in the very software law firms rely on, the risk and likelihood of ransomware attacks are on the rise.
Cyber security coverage is an available option for law firms as part of their professional liability insurance policy, including coverage for ransomware. As we’ve detailed elsewhere, cyber coverage can provide for immediate and highly skilled cyber intelligence support, review and patching of vulnerable systems, new hardware and software as appropriate, and even coverage for crisis communications services to help mitigate any public-facing fallout from a ransomware attack.
Firms that are unclear on their coverage, limits and options involving ransomware should consult with their insurance agent as soon as possible to ensure their coverage is optimized for the firm’s risk.