HCBA Lawyer Magazine No. 34, Issue 5 | Page 54

Preventing Ransomware: A Priority for Every Law Practice
Technology Section Chairs: John Mullen – Phelps Dunbar, LLP & Kurt Sanger – DeMarco Law PLLC
A cyberattack on a law firm is an attack on all the firm’s clients & its ability to deliver competent services to those clients.

Although it has been more than six years since the term “ransomware” was added to the Oxford English Dictionary, the scope of the threat remains unknown to some and misunderstood by most. Oxford defines it as, “a type of software that is designed to block access to a computer system until a sum of money is paid,” but the definition fails to capture the crippling effects this pernicious threat has had on thousands of organizations worldwide — including law firms.

To protect their own practices, and to protect their clients, all attorneys should be familiar with ransomware — how to prevent it, how to mitigate it, and how to advise clients in the event they are affected by it.
The most effective ransomware prevention efforts employ a combination of expert support and professional training. Cybersecurity experts, whether organic or outsourced, can monitor systems for vulnerabilities and anomalous activities that precede ransomware events. Because ransomware incidents can be initiated through everyday activities, such as visiting insecure websites or opening infected email attachments, system users should undergo continuous training to warn them of enduring hacking techniques and the latest cybersecurity threats. Users should be fully aware of the actions that will put their systems and their clients’ data at risk — particularly actions enabled by accessing work systems remotely.
Every firm should have a plan to respond to a ransomware system disruption and demand for money. At the very least, firms should know the first number they are going to call for support, whether an incident response organization, another law firm that handles ransomware events, or other consultant. Every firm should also have a back-up way to communicate in the event their systems are compromised or inaccessible. Firm leadership should keep redundant lists of contact information for employees, clients, court officials and others off-network, and ensure that they can send and receive information through alternative methods.
While any organization with financial accounts or intellectual property has an incentive to secure its technologies, an attorney’s responsibility to protect their information systems has additional dimensions. The ethical rules requiring attorneys to maintain their clients’ confidentiality elevate cybersecurity to a core duty of any organization providing legal services. A cyberattack on a law firm is an attack on all of the firm’s clients and on the firm’s ability to deliver competent services to those clients. Law firms should be able to demonstrate they have taken reasonable measures to secure their systems and their clients’ information — and have a plan to respond to incidents.
Beyond the firm, most legal clients will not have a plan for responding to ransomware, and they may turn to their attorneys for advice first. If a firm does not have an organic cybersecurity incident response practice, it should identify a Breach Coach law firm with whom it can partner to support clients facing cybersecurity incidents. Breach Coach firms specialize in technical recovery, work closely with digital forensics and restoration firms, and work to put clients in the most defensible position to forestall post-breach litigation.
Authors: Michael McLaughlin – Buchanan, Ingersoll & Rooney, PC & Kurt Sanger – DeMarco Law, PLLC
52 | May-Jun 2024 | HCBA Lawyer