Ransomware Attacks a Growing Concern for Law Firms

If only the masterminds behind ransomware attacks and other malicious cyberattacks would put their energy into world peace. I think we’d have that nut cracked in about six weeks. But sadly, the bad guys continue to use their techie talents to steal and disrupt. And law firm security measures don’t seem to be holding up under the test!

I recently read the article about the University of Calgary’s experience with ransomware. At a time when the University was hosting academic faculty and researchers from across Canada, their email systems were completely shut down and they lost access to many of their files. Everything was on lock-down.

Then they received a ransom note.

The University of Calgary was told that they needed to pay a sum of $20,000 and the attackers would give them a “key” to unlock all of their systems.

The University’s press release stated: “A ransomware attack involves an unknown cyberattacker locking or encrypting computers or computer networks until a ransom is paid, and when it is, keys, or methods of decryption, are provided.”

They also said, “The university is now in the process of assessing and evaluating the decryption keys. The actual process of decryption is time-consuming and must be performed with care. It is important to note that decryption keys do not automatically restore all systems or guarantee the recovery of all data. A great deal of work is still required by IT to ensure all affected systems are operational again, and this process will take time.”

Can you even imagine? Not only were they attacked, and not only did they pay the ransom, but the decryption keys aren’t magic buttons that instantly restore everything to the way it was. No, the IT professionals will be at this for a long time.

Of course, when something like this happens, those of us in charge of law firm security always think, “Could it happen to me?” We spend about 48 hours talking about it, worrying about it and assessing and tinkering with our security measures, but then we move on with our priorities. But do those efforts really tell you if your systems will work against a law firm cyber attack? Maybe you’re thinking, “There’s no way to know until it happens.”

That’s not true. You can actually test your system’s ability to thwart cyberattacks. You can create law firm ransomware tests that invade your system like a swarm of insects attacking your picnic, enticing your employees to click malicious links. After they click, your system’s ability to block the malware is tested. These tests are harmless but they are created to mimic the most aggressive ransomware strains out there.

And you learn two things:

  1. Who in your law firm needs to be trained to recognize suspicious emails
  2. Whether your system is effective at blocking attacks unleashed by unsuspecting employees

As an authorized partner with KnowBe4, the world’s most popular integrated Security Awareness Training and Simulated Phishing platform, I can help you to create a ransomware attack that will test your security measures and your people. KnowBe4 has created a ransomware test called RanSim and it helps to determine if your network is effective in blocking ransomware when your employees fall for social engineering attacks.

Here’s how it works:

  • 100% harmless simulation of a real ransomware infection
  • Does not use any of your own files
  • Tests 5 types of infection scenarios
  • Simply download the installer and run it
  • Results in a few minutes

One more cautionary tale before I conclude this blog. Consider this story from TIME magazine:

Grayson Barnes had just started working at his father’s law firm in Tulsa, Oklahoma when a note popped up on one of the computer screens. It informed him that all the files on the firm’s digital network had been encrypted and were being held ransom. If he ever wanted to access them again, he had to pay $500, in the Internet currency Bitcoin, within five days. If he didn’t, the note concluded, everything would be destroyed.

“It wasn’t just a day’s worth of work,” Barnes told TIME. “It was the entire library of documents, all the Word documents, all the Excel.”

Uncertain of what to do next, Barnes called the police and then the Federal Bureau of Investigation. Everyone he spoke to told him the same thing: there was nothing they could do.

If he paid the $500, there was no guarantee he’d get the files back, they said. But if he didn’t pay, there was no way to save the firm’s data and, because many of these sorts of cybercriminals live abroad, there’s no way for the police or the FBI to prosecute the attackers. “They said, basically, ‘Look, we can’t help you,’” Barnes said. Two days later, the firm paid up.

If you are curious at all about running a ransomware test at your firm, please contact me today: Doug@SavvyTraining.com, 303-800-5408.


Savvy Training & Consulting works with leading companies and technologies to deliver the most up-to-date training solutions and curricula to law firms. Savvy recently unveiled an award-winning Learning Management System (LMS) for law firms, SavvyAcademy™, which delivers scalable training capabilities, reportable data down to the individual user and 24/7 support, all for a fraction of the cost of traditional LMS services.

