Upon listening to a panel of cybersecurity experts, I came to the conclusion that law firms and court reporting firms are vulnerable to the most prevalent cyber attack, ransomware. Ransomware is defined as “a type of malicious software that is designed to block access to a computer system until a sum of money is paid.” Many times, the currency used to pay the ransom is Bitcoin.
Advice given by the experts includes these 9 tips to avoid a ransomware cyber attack:
1. Regularly update your Windows, Mac, Linus software especially when the update is security related.
2. Install antivirus software and keep it up-to-date to block emerging malware.
3. Be wary of suspicious emails and pop-ups. What is suspicious?
a. Look at email address of the sender to see if it is coming from a legitimate email.
b. Look for obvious typos and grammatical errors in the body of the email.
c. Hover over hyperlinks and see if it would direct you to a suspicious web page.
d. Banks, doctors, the IRS will never ask you to send sensitive information like your SS number.
4. Often pop-ups windows that advertise software products that remove malware have ransomware in the pop-up ready to attack. Don’t click through to learn more or download these products.
5. If you are a victim of ransomware, immediately disconnect your computer from the internet, and then report the crime to law enforcement. Seek help from a technology professional who specializes in data recovery to see what your options might be.
6. Look into purchasing cybersecurity insurance.
7. If you are storing your data offsite with a third-party vendor (colo site), ask them if they have cybersecurity insurance. (The answer should be yes.) Ask your vendor to add your firm as an additional insured on the policy.
8. Educate your personnel on not opening suspicious emails or pop-ups, “But the dancing bunny was so cute… I clicked on it.”
9. Don’t allow personnel to check personal email from their workstation or have their smart phone, personal computer, or other devices connected to their workstation.
Along with following these above steps in our offices, Kramm Court Reporting has taken steps to protect sensitive data that we have online including having our Case 24/7 repository be SSA 16 compliant and having our backup locations encrypted over VPNs, and SSL certificates are used. If you are one of our clients, you can be assured that we have proactively done and continue to do everything we can to protect your information from these attacks.