Do law firms have to worry about ransomware?

Ransomware is a type of malware that launches when an unsuspecting victim clicks on a link or attachment found in a “phishing” email.^[1][2] Once launched, the ransomware encrypts or locks all of your data files, and may lock each computer workstation and your entire computer network as well.

Depending on the severity of the attack it can take weeks or months to recover the data or to restore your systems.^[3] This means that you could lose access to time-critical legal documents and that you might not be able to recover your documents in time to meet applicable filing deadlines, increasing your exposure to a possible malpractice claim.

Since lawyers attach files to emails when sending documents to and from clients and opposing counsel, law firms are at great risk of having firm personnel click on an attachment that contains ransomware by accident. This risk has increased significantly in recent years as these types of attacks have become more prevalent.^[4][5]

Because your exposure to malpractice claims greatly increases if you are hit with ransomware, and because law firms frequently attach documents to emails making it difficult for staff to spot “phishing” emails and potentially malicious attachments, your firm should worry about ransomware, protect the sensitive data and take the threat very seriously.

---

References

1. Forms of law firm data breach
2. Ransomware Attack Part 1
3. Finding a niche for starting a business
4. Ransomware
5. Ransomware attack preparedness