Question of the Week: How can I protect my firm against ransomware?


The implications of ransomware can be serious for law firms, who, by the very nature of the profession, store confidential client information. If a malicious party gains access to these files, the resulting repercussions can have career-altering effects for lawyers. To avoid that scenario, lawyers need to take proactive steps to protect their firm from attacks.

Ransomware works by locking a victim’s network or computer, freezing access to files until a ransom is paid. These requests for ransom typically have a timeline associated with them and if the firm doesn’t pay, then the files are then permanently locked or destroyed. This form of attack is becoming increasingly more common, and law firms are at the top of the list of targets given their budgets and the importance of the information they usually house. 

Falling victim to ransomware can have a long-lasting impact that goes far beyond the time spent dealing with hackers. If the payment isn’t made and the files are erased, even if the firm has recent, accessible data backups, it can still take significant time to restore data to a workable point. Additionally, the firm must then deal with the PR fallout of the breach, notifying clients and addressing the many, many concerns and potential lawsuits that come along with it. 

Today’s firms must actively put measures into place to prevent ransomware. While there’s no guaranteed protection, think of the proper precautions in the same way you would a home security system. If a burglar sees your home is well protected with a security system, they’re likely going to move on to another home that’s easier to gain access to and is less risky. Security measures work the same way, creating blocks that make it harder for someone to gain access and making it more likely they’ll move on to another target. 

Train your staff

A significant proportion of security breaches occur as a result of personal error. It’s critical to educate your employees on different security risks and what tactics are used to gain access. Often techniques like social engineering and phishing emails will be used to gain the necessary information needed to login or reset passwords. Teach your team how to spot these approaches and what to do if they encounter them. 

Enable security measures

Firewalls, updated software and security features and systems that notify you in the event of a breach are all part of protecting your firm. If you’re managing your IT systems in-house, be sure patches and updates are regularly applied and there are protocols in place to protect the firm’s networks. Outside vendors typically include these protections as part of their services, but you should verify their process. 

Enforce strong password policies

Don’t make it easy for hackers to get into your system. Institute a policy addressing password strength that covers length, uniqueness, and complexity. This policy should also cover the sharing of passwords and if they must be shared, the secure procedure for doing so.

Develop a response plan

Should your firm fall victim to ransomware, the last thing you want to happen is your team scrambling to figure out what to do. Have a well laid out ransomware response plan that documents what actions should be taken in the event of a suspected attack. This plan should be part of your employee training to make sure everyone is aware of the proper steps to take.  

Backup your data

Backing up your data won’t help prevent a ransomware attack, but it will help you recover more quickly from one. If your data isn’t backed up, you run the risk of being completely unable to work during and after an incident. If possible, try to back up your data daily to either multiple sources or a cloud-based server with redundant backups to keep your cases moving. 

To fully protect your firm against a ransomware threat, it’s important to be aware of what you’re up against and the impact these attacks can have. Focus on not just preventing the attack, but also what actions will be taken in the event one takes place. 

Wondering if your firm could be subject to a ransomware attack? Check out Do law firms have to worry about ransomware?


No Fields Found.

Ready to make the switch?

Start a 10-day Free Trial of CosmoLex

Try For Free

See CosmoLex in action!

Schedule a Personalized Demo Now

Try For Free