Queensland Law Society

Ransomware is back – and it is worse than ever

Next Monday morning at 8am, you get a coffee and fire up your computer. All your client files are locked. A screen pops up telling you to pay a $10,000 ransom to get a key to unencrypt your data. A panic call to your IT provider tells you the backup is encrypted too. Clients are calling, and deadlines loom. What do you do?

Unfortunately, the true cost of this scenario is not the $10,000 ransom. It is the weeks of disruption and thousands of dollars more it will take to clean the network and bring it back into full service after a crypto attack — and that assumes that having paid your ransom you get the key and not just another demand.

Ransomware tools are making a resurgence in attacks on law firms this year, and they have been updated and re-weaponised. Multi-payload ransomware can simultaneously lock your data, steal your passwords and copy client files to be re-sold on the dark web.

What should you do?

  • There is no magic answer, but a carefully planned and professionally configured backup (Google search ‘backup rotation scheme’) can be the difference between annoyance and disaster.
  • Most malware relies upon vulnerability that has already been identified, so keeping your systems ‘patched’ or software updates current is essential.
  • Consider using a mail screening service.
  • Finally, train your staff to be cautious before opening attachments or following links, check where the links go and scan documents before they are opened.

Single steps can help, but overall a modern business needs to have information security hard-wired into both your tech and your culture.

Contact the QLS Ethics and Practice Centre on 07 3842 5843 for a discussion about our cybersecurity programs (currently free to QLS members). If you are already affected by a crypto lock attack, please call us to discuss response options or access our cybersecurity resources for more information.