How to protect your firm from ransomware

Posted by Adam Curtis, managing director of Legal Futures Associate Hoowla

Curtis: your staff are the weakest link in the security chain

One news item has dominated the headlines over the last week – cyber-attacks and, in particular, the WannaCry ransomware.

It is a well-known and well-documented fact that the legal industry, and conveyancing in particular, can be a vulnerable and high-value target.

This ranges from property hijacking – where fraudsters pose as legitimate owners of a property and sell it on without the real owner’s knowledge – to ‘Friday afternoon fraud’, with criminals contacting a busy law firm to ‘update’ their bank details to redirect funds.

As mentioned in Julian Bryan’s recent article, the National Fraud Intelligence Bureau’s 2016 figures show 159 recorded losses of buyer deposits, an 85% year-on-year increase.

In 2016, UK businesses reported a 22% increase in cyber-crime, resulting in more than £1bn in losses. A 2017 survey by Timico and Datto found that the systems of 85% of companies that have been victim to ransomware were down for a week or more. Nearly a quarter of respondents paid over £5,000 to retrieve their data.

With ransomware a very real threat, and on the rise, what exactly is it and what can you do to protect yourself and your firm?

Ransomware is not a computer virus, but a piece of software that – once it gets into a computer system – locks down access and holds it ransom until a sum of money is paid. Many victims of ransomware have reported that the systems were blocked within a matter of seconds.

WannaCry came from a surprising source: the US National Security Agency (NSA). A vulnerability in Microsoft’s operating system led the NSA to build a tool, EternalBlue, to be able to access computers.

This was subsequently leaked by a hacker group last month and used last week in the WannaCry ransomware attack, which targets computers running Microsoft Windows by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.

The attack has been described as unprecedented in scale, infecting more than 230,000 computers in over 150 countries. It spreads across local networks and the internet, directly infecting any exposed systems that have not been updated with the most recent security updates.

The frustrating thing about WannaCry is that it could have been easily and freely prevented. A “critical” patch had been issued by Microsoft on 14 March 2017 to remove the underlying vulnerability for supported systems, nearly two months before the attack, but many organisations had not yet applied it.

Research has shown that over 52% of businesses are still running at least one instance of Windows XP, a system that Microsoft has not supported since April 2014.

Last week Dona Sarkar, the head of Microsoft’s Windows Insider Program, tweeted that no one with Microsoft’s latest operating system, Windows 10, was affected.

So, what can you do to protect yourself against these types of attacks?

Keep your software up-to-date

If you are not using cloud-based software, the most important thing to do to reduce your risk of attack is to ensure all installed software is updated regularly.

Ransomware often relies on the victim running outdated software where vulnerabilities are known. Interestingly, in the US, the American Bar Association’s ethics rules say that lawyers have a duty to know about technology, meaning that a law firm in America running Windows XP could be seen as failing in their duties.

Back up all your data

Ensure that all of your data is backed up and that you have written steps about how to replicate your business systems and data on a new PC. If your system is affected by ransomware, it may well be that you are unable to access any data.

If you have your data backed up and are the victim of a ransomware attack, you can then wipe your system to eliminate the ransomware and restore the data from the backup.

Having systems in place as to how often data is backed up is crucial; the more often you back up, the less data will be lost and the sooner your firm can get back to work with minimal loss.

Use anti-virus software

Make sure your computers’ antivirus and internet security software is up-to-date and running. There is no excuse for not having anti-virus software installed and in use on your entire network and on all computers, laptops and portable devices that access it.

Educate your staff

Unfortunately, your staff are the weakest link in the security chain. If they allow themselves to fall victim to a phishing scam or other email-generated approach, they can compromise the security of your entire business.

Teach them to recognise potential threats and to treat unrecognised or unsolicited mails with extreme caution. The simplest way to do this is to train them to ask these key questions about emails: Do I know the sender? Do I need to open that file or go to that link? Did I order something from this company?

Keep yourself educated

Knowledge about the latest threats provides you and your IT staff with advance warning about cyber-crime activity in your area and industry.

Get Safe Online and the UK’s national fraud and cyber-crime reporting centre, Action Fraud, provide information about the latest threats, how to report suspicious activity and what to do if you think you have been the victim of an attack.
