Page 12

Birmingham Bar Association Bulletin Fall 2016

Information Technology

Tommy Mayfield

It’s a typical day at your office. You receive an email from someone you know and with whom you’ve been discussing performing legal work. The email reads, “Please review and let’s talk” and contains a link to what appears to be a legitimate Word file. Excited about landing a new client, you click on the attachment. Shortly thereafter, a message appears on your screen informing you that all the files on your computer (and on any networks connected to your computer) have been encrypted, and that the only way to regain access to them is to pay a substantial ransom in Bitcoin (the untraceable online currency) in exchange for a decryption key.

This nightmare scenario has been unfolding with alarming frequency in law firms over the past few years.1 In fact, security experts have deemed 2016 the “Year of Ransomware”, and for good reason.2 In February of this year, a version of ransomware called Locky was infecting more than 90,000 machines per day.3 In April, the number of ransomware attacks jumped a staggering 159% over March to reach an all-time high.4 Part of the reason for this explosive growth is that cybercriminals have begun packaging up the tools needed to run a ransomware campaign and selling them to less tech-savvy criminals. It is estimated that a typical ransomware campaign can earn criminals $84,000 in just thirty days, all for an initial investment of just $5,900—a return of over 1,400 percent.5

The reason that ransomware has become such a cash cow for criminals is that victims are paying the ransom demands. Why? Because they do not have comprehensive and reliable backups of their critical files. If they did, there would be no need to pay the ransom because the victims could quickly restore files from their backups. Given how lucrative ransomware has become for criminals, the frequency and sophistication of attacks are likely to increase for the foreseeable future.
If your firm is not prepared, the consequences of an attack can be costly, including, but not limited to:

• Data Loss – There have been cases where, despite paying the ransom, a business was not provided with an encryption key, either because the criminals simply refused or because law enforcement previously shut down their operations. In such circumstances, the encrypted files can never be recovered.
• Excessive Downtime & Lost Revenue – Without backups that can be easily and quickly restored, a ransomware infection (or something less nefarious, such as a hardware failure) can result in a firm being without its computer system for days if not weeks.
• Recovery Expenses – Hiring IT consultants to rid your system of ransomware and help rebuild your computer systems can easily cost thousands of dollars.
• Reputational Damage & Lost Business – The old adage that “all publicity is good publicity” couldn’t be less true in this context. If current or potential clients learn that your firm has been crippled by a ransomware attack, they may very well decide to take their legal needs elsewhere.

The FBI, the ABA, and other organizations have published guidance regarding the steps law firms should take to address data security issues, generally, and the threat of ransomware in particular.6 In addition to training employees about the threat posed by ransomware and implementing up-to-date anti-virus software, these agencies frequently emphasize the need for firms to create reliable backups of their data. Unfortunately, these agencies provide few specifics on the best way to actually accomplish the task of backing up firm data.

Moreover, while ransomware is arguably the most malicious threat facing firms today, it is certainly not the only threat. Hardware failures, employee errors, and catastrophic events (e.g., fires, floods, tornadoes) can also have devastating effects on a firm in the absence of

