Whilst many of us have been getting to grips with the various phases of the government’s plans to lockdown and subsequently return the country to normal, it’s safe to say that cyber criminals haven’t been resting on their laurels.
It has become apparent since lockdown that there has been a rise in law firms falling foul of ransomware attacks.
The rise in ransomware is thought to be as a result of firms not realising how tempting their IT infrastructure is to a cyber criminal. With firms of various sizes being found all over the country, some feel their size (whether big or small) makes them less of a target.
The reliance on IT support is sometimes unjustified, as they’re not equipped to look after a firms’ cyber security.
Ransomware is one of the tactics cyber criminals use, and once they’ve found a weakness in the system, it’s similar to a shark detecting blood in the ocean, they’ll continue to focus their attention on this vulnerability until they successfully infiltrate the system.
What is ransomware?
Ransomware is a type of malicious software which encrypts your data and ‘locks you out’ until you pay a ransom. The cyber criminals detail their ransom demands and promise to provide you with the key to decrypt your data. Currently, the going rate starts at $50,000 for the smallest firms, rising sharply into hundreds of thousands for larger firms.
What can I do to protect my firm?
Conducting a risk assessment is vital, ensuring that it encompasses the ‘golden triangle’ of people, technology and processes.
Some of the questions you could ask yourself include:
- What technology do you have?
- How do you use it?
- What data do you hold?
- Who has access to it?
- What remote working takes place?
- Do people use their own devices?
- What third parties and collaboration platforms do you work with or rely upon?
- What controls do you have in place and how do you check they are working?
- How do you monitor security on an ongoing basis?
Are there any other steps I can take?
- Store and dispose of data securely – you never know if or when important documents or old storage devices could fall into the wrong hands
- Staff training – this could be on spotting the signs of phishing emails, but also enabling employees to take part in social engineering training which would allow you to test your resilience against a cyber attack
- Ensure your anti-virus software is up-to-date, and ensure your software regularly scans your systems to check for any viruses. Also check that your operating platform is up to date and has the latest security updates.
- Ensure that your systems are regularly backed up, this way you can access the newest saved back up, preventing you from losing too much information
- Getting certifications like Cyber Essentials which can reduce the risk of a cyber attack by up to 80%
What should I do if my firm is hit by a ransomware attack?
In the first instance the advice is not to panic.
Take a moment to take stock, then try to take control of the situation as best you can. When Travelex was hit by a cyber attack at the start of the year they took their systems offline, to contain the attack.
Although the attack compromised Travelex’s online systems, they were still able to conduct business face-to-face in their branches by completing transactions manually using pen and paper.
A manufacturing company, also had to resort to taking all of its systems offline, and return to old fashioned methods of manufacturing as a result of a ransomware attack. So no matter the size of the business, taking a moment to take stock always seems to be the best advice.
Communicating to your stakeholders, employees, clients and where necessary the general public, will demonstrate that you can be trusted, and you’re not trying to hide the fact this has happened to you. It may be worthwhile hiring a PR agency that can help manage this aspect for you, if you don’t have the capabilities in-house.
Don’t pay the ransom demanded by the cyber criminals. Travelex faced a threat of pay up or the criminals would have released personal data into the public domain, but this didn’t force the company’s hand. They continued to work behind the scenes, restoring their systems.
By bowing to the criminals demands it would demonstrate that the company is an easy target for criminals and may encourage them to come back and try the same tactic for a second, third and perhaps fourth time if any attach had been successful.
Chat to your IT team, local police force or Action Fraud who will be able to offer you advice.
