How to Protect Your Law Firm from the Rise in Ransomware

Whether it’s client intellectual property (IP), M&A transaction agreements, or corporate trade secrets, the legal services sector collects a lot of sensitive data. And where there is sensitive data, there is money to be made, with malicious actors increasingly attempting to exploit, sell, or hold legal data to ransom. The legal industry was the most heavily impacted by ransomware attacks during Q1 2021, with almost 25% of ransomware targeting small and midsized firms. So how can law firms strengthen their ransomware defenses?

How do ransomware attacks affect the legal sector?

One of the most high-profile ransomware attacks on the legal industry occurred in 2020, when prominent US entertainment law firm Grubman Shire Meiselas & Sacks lost data belonging to Madonna, Elton John, Lady Gaga, and a number of other celebrities. The firm refused to pay the ransom of $42 million, and some of the lost data remains available for purchase online. Many law firms might be tempted to pay such sums if it ensured that their sensitive data was recovered in full. But with ransomware, paying is no guarantee: only 42% of payments result in the restoration of all systems and data.

For a business that typically bills by the hour, downtime is one incredibly costly side effect of ransomware. The average downtime that businesses experience while they coordinate their response and get their systems back online is around 20 days – more than enough time to inconvenience customers and partners. When DLA Piper, one of the world’s largest law firms, was hit by a high-profile ransomware attack in 2017, the firm’s telephone and email communications could not be fully restored for nine days. Despite not paying the ransom, the business cost of this downtime was estimated to be in the millions.

Another major consequence of falling victim to a ransomware attack is reputational damage, which can result in lost customers, plummeting share prices, and lost trust from partners up and down the supply chain. Your possession of customer Personally Identifiable Information (PII) also puts your law firm at greater risk of breaching regulations like GDPR, HIPAA, FISMA, and PCI-DSS. In 2022, UK firm Tuckers Solicitors was fined almost £100,000 by the Information Commissioner’s Office (ICO) for failing to secure sensitive data including medical files, witness statements, and the names and addresses of victims.

How to strengthen legal cyber defenses

Hackers don’t discriminate based on business size. Whether you’re part of a small legal service company or one of the largest firms in the world, hardening cyber defenses against ransomware attacks is a crucial part of avoiding the financial, reputational, and legal consequences of a data breach.

1. Zero Trust

Firms that follow remote working policies, or have employees accessing their networks via personal devices and on public Wi-Fi, see an increase in potential entry points for hackers. By employing a Zero Trust security strategy, whereby no user or device is automatically trusted whether it is inside or outside your network perimeter, you enable a multilayered defense that minimizes the attack surface for hackers and limits their ability to move laterally throughout your network.
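To make the "never automatically trust" principle concrete, here is an added example (not code from the original article or from any vendor) that contrasts a legacy perimeter check with a Zero Trust access decision. Every request is evaluated on verified identity (MFA), device posture and least-privilege role, regardless of whether it originates from an internal or a public network. The networks, roles, resources and sample requests are constructed for illustration and are assumptions, not values from the page.

```python
"""Illustrative Zero Trust access decision (added example, not the article's own code)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Tuple

# Constructed sample: address ranges the legacy perimeter model treats as "inside".
INTERNAL_NETS = [ip_network("10.0.0.0/8"), ip_network("192.168.0.0/16")]

# Constructed sample policy: which roles may reach which resource (least privilege).
RESOURCE_ROLES = {
    "matter-files": {"attorney", "paralegal"},
    "billing": {"finance"},
    "hr-records": {"hr"},
}


@dataclass(frozen=True)
class AccessRequest:
    user: str
    role: str
    mfa_verified: bool      # identity proven with a second factor for this session
    device_managed: bool    # device enrolled in firm management (not a personal laptop)
    device_patched: bool    # device posture check passed
    source_ip: str
    resource: str


def is_internal(ip: str) -> bool:
    """True if the request comes from an address inside the office ranges."""
    addr = ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def perimeter_decision(req: AccessRequest) -> bool:
    """Legacy model: anything already inside the network is trusted.

    This is what lets ransomware move laterally once a single workstation
    is compromised: the network location alone grants access.
    """
    return is_internal(req.source_ip)


def zero_trust_decision(req: AccessRequest) -> Tuple[bool, List[str]]:
    """Zero Trust model: every request must pass every check, wherever it comes from.

    Returns (allowed, reasons); reasons is empty when access is granted.
    """
    reasons: List[str] = []
    if not req.mfa_verified:
        reasons.append("identity not verified with MFA")
    if not req.device_managed:
        reasons.append("device is not managed by the firm")
    if not req.device_patched:
        reasons.append("device posture check failed")
    allowed_roles = RESOURCE_ROLES.get(req.resource)
    if allowed_roles is None:
        reasons.append(f"unknown resource '{req.resource}'")
    elif req.role not in allowed_roles:
        reasons.append(f"role '{req.role}' is not authorised for '{req.resource}'")
    return (not reasons, reasons)


# Constructed scenario 1: an attorney on public Wi-Fi, MFA done, managed and patched laptop.
REMOTE_ATTORNEY = AccessRequest(
    user="a.smith", role="attorney", mfa_verified=True, device_managed=True,
    device_patched=True, source_ip="203.0.113.25", resource="matter-files",
)

# Constructed scenario 2: a compromised paralegal workstation inside the office
# trying to reach billing data (the lateral-movement pattern of a ransomware intrusion).
LATERAL_MOVE = AccessRequest(
    user="p.jones", role="paralegal", mfa_verified=False, device_managed=True,
    device_patched=False, source_ip="10.20.30.40", resource="billing",
)


def main() -> None:
    for name, req in (("remote attorney", REMOTE_ATTORNEY), ("lateral move", LATERAL_MOVE)):
        allowed, reasons = zero_trust_decision(req)
        print(f"{name}: perimeter={perimeter_decision(req)} zero_trust={allowed} {reasons}")


if __name__ == "__main__":
    main()
```

Run as written, the perimeter model denies the legitimate remote attorney (wrong network) and allows the compromised internal workstation (right network), while the Zero Trust check does the opposite and records why. In a real deployment these checks would be enforced by an identity provider, a device-management agent and per-resource authorization, but the decision logic stays the same: location is never a substitute for verification.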

2. Incident Response Planning

A survey by the American Bar Association (ABA) found that only one-third of law firms claimed to have an incident response plan, with this number dropping even lower in smaller firms. By developing a strong incident response plan that addresses your business’s unique vulnerabilities, your ability to react to and recover from a ransomware attack is much greater, and the risk of data loss, downtime, and reputational damage is reduced.

3. Employee Education

More than 90% of cyber attacks start with human error, and ransomware is no different. Hackers use sophisticated social engineering techniques to gain the trust of users and enter a network, allowing malware to spread further and faster. Your employees should understand their role in identifying and preventing ransomware attacks; committing to regular, ongoing training builds a company culture that is cyber-aware and helps bridge the cybersecurity skills gap.

4. Strong Security Tools

While your employees are your first line of defense, prevention technologies should be your second. Only around 43% of law firms use file encryption, less than 40% use email encryption and intrusion prevention, and less than 30% use intrusion detection. To decrease the chances of ransomware attacks gaining entry into your network, it’s important to employ strong and easy-to-use security tools that are continuously updated to defend against emerging threats.

How we help

Our service offers a stream of intelligence data from over 3,500 cyber threat feeds, alongside our team of skilled security analysts. By inspecting all network traffic, our service helps you shield your network from ransomware and other attacks, continuously building and improving your cyber defenses.

Learn more about how you can proactively strengthen your cybersecurity posture, here.
