3 min read
How to Secure Your Smartphone
Smartphones can be a significant cybersecurity risk, in part because many owners take a lackadaisical view when it comes to properly securing them...
2 min read
Mark Bassingthwaighte, Risk Manager
:
Posted on September 4, 2018
Ransomware is one of the most disruptive cyber threats facing solo and small‑firm lawyers. Should your network become infected, your data will be encrypted and thus inaccessible unless you pay for a decryption key, which may or may not work.
Whether you pay or not (and reputable cybersecurity professionals strongly advise against paying), you will need a qualified cybersecurity specialist to attempt recovery. Just know that even with their help a full restoration is far from guaranteed.
How Ransomware Gets In
Most ransomware infections still begin with social engineering, and with the rise of Gen AI, the attacks have become far more sophisticated and harder to detect. Common entry points include:
Once activated, modern ransomware can:
This is why recovery is so difficult and why a resilient backup strategy is essential.
Best Practice Recommendation
Cybersecurity professionals now recommend following a 3‑2‑1‑1 rule, which means you should:
Why Immutable Backups Matter
Immutable backups, offered by many modern cloud providers, prevent ransomware from modifying or encrypting stored data. Even if your network is compromised, the immutable copy remains clean.
A Practical Backup Option for Solo and Small Firms
A common and effective setup includes:
This gives you:
Critical Notes for Local Backups
1. Always disconnect external drives after completing the backup process because ransomware can map and encrypt any connected drive.
2. Encrypt local backup drives in case they are lost or stolen.
Cloud Backup Considerations for Law Firms
Not all cloud backup providers are equal. Look for:
1. Immutable Backup Options - This is now a must-have.
2. Versioning and Long-Term Retention - Because ransomware can delay execution, you need multiple historical versions, ideally from 30 to 180 days.
3. User-Controlled Encryption Keys - This ensures only you (not the vendor) can access your data.
Why Backups Alone Are Not Enough
Even with a strong backup strategy, recovery is never guaranteed. Some attacks now include data theft and threats to make the data public and/or sell it. Because of this, ongoing staff training is just as important as technical defenses.
Mandatory Social Engineering Awareness Training for All Firm Personnel
Every employee, staff and attorneys alike, should receive regular, mandatory training on:
Training should include real-world examples, not generic warnings. High-quality training providers include companies such as KnowBe4, which specialize in phishing simulations and social engineering awareness programs.
Final Takeaway
A ransomware attack can cripple a solo or small law firm. While no backup strategy guarantees full recovery, a 3‑2‑1‑1 approach, combined with ongoing staff training, dramatically improves your odds of surviving an attack with minimal data loss and downtime.
3 min read
Smartphones can be a significant cybersecurity risk, in part because many owners take a lackadaisical view when it comes to properly securing them...
4 min read
This blog post is in partnership with LMG Security. With professional hackers and cybersecurity criminals posing a constant threat to law firms...
1 min read
Has Your New Year’s Resolution to Up Your Cybersecurity Game Turned to Dust? Don’t let that happen! There’s plenty of time in 2024 to address your...