
Disaster Recovery for Lawyers – Protecting Your Firm from Ransomware

September 7, 2017


Ransomware is cyber extortion. Hackers target individuals and companies with computer malware that encrypts files and leaves you a message: pay a ransom or kiss your files goodbye.

Ransomware made massive headline news this year when a global attack took down hospitals, telecommunications hubs – and yes, law firms. Like a lot of viruses, the delivery mechanism for ransomware is email phishing, which makes anyone in your firm a potential target.

This post discusses the global ransomware threat and why even small firms should be worried. How can a managed service provider create a disaster recovery plan to help keep your firm safe?

What is Ransomware?

Trend Micro called 2017 the “Year of Online Extortion.” Ransomware attacks by cyber criminals not only rose dramatically, but also gave birth to ransomware-as-a-service, where hackers rented out their techniques to clients who then proceeded to infect even more computers. In 2016 some of the malicious code that made up ransomware was shared with the public, which fueled even more attacks. Trend Micro said this resulted in a 400% increase in attacks last year alone.

By the end of this year, hackers are expected to continue their profitable enterprise across all digital devices – including your cell phones.


CNN Tech compares a ransomware virus to kidnapping: a malicious virus infects your computer and locks all your files while your screen tells you where to pay the ransom to unlock everything. What’s even worse is that the simple act of opening an email can cause the infection.

Law firms make great targets for these attacks because they usually have access to cash, and they have client data that the hackers can steal and turn into more money. That’s exactly what happened in May 2017 to a Rhode Island law firm that was held hostage by ransomware. FindLaw reported that Moses Afonso Ryan lost approximately $700,000 in billable hours as a result of the attack.

This is just one example, but it clearly illustrates why law firms should consider a disaster recovery plan.

Disaster Recovery for Lawyers

Even the American Bar Association has published its recommendations for law firms to develop a disaster recovery and business continuity plan. Cyber crime is not the only potential disaster threatening your business; inclement weather, fire, or robbery could all potentially affect business as usual in your firm. Because your business is rooted in technology, the first part of your disaster recovery plan should establish the steps necessary to recover the firm files and digital data that are so crucial to every aspect of your business. A good disaster recovery plan should include:

  • Moving beyond the crisis
  • Retaining vital resources
  • Assessing the damage
  • Replacing vital hardware, software, and data
  • Reestablishing workflows
  • Getting back to business

According to CIO, the process for establishing a good technology-focused disaster recovery plan includes:

  • Assessment of workflows and inventory of hardware and software
  • Defining your ability to withstand downtime and loss of data
  • Role identification and definition of who will be responsible for what during the recovery process
  • Creation of a communication plan so employees can continue to reach each other, no matter what kind of crisis occurs
  • Setup of a backup worksite that reestablishes crucial corporate workflows
  • Establishing how to handle sensitive client data

In the case of ransomware, the most effective deterrent is to train employees never to open an unsafe email. Ransomware is delivered into a business by attaching itself to a file. The email could look as if it is sent from a client or a friend, but when the employee opens the attachment the virus is unleashed.

The second-best remedy for ransomware is simply to back up all files, including emails, consistently and thoroughly.

But the most important way to protect your firm from ransomware is to create a disaster recovery plan that mitigates your risk and gets your firm back to business as usual as quickly as possible.
