While parts of the lawful economy may be struggling, ransomware has become a booming industry over the past few years, with the Covid pandemic exacerbating the problem. The legal sector is particularly vulnerable and is often identified as a prime target for cyber-criminals.
Law firms handle large quantities of highly personal, sensitive and potentially useful information. They conduct vast numbers of interactions with third parties that make them especially vulnerable. They are also perceived as being financially sound, with good reasons for wanting to settle a ransomware attack by meeting the demands of the criminals. In a sector where reputation is everything, a ransomware attack can be costly for a variety of reasons.
Traditional anti-virus solutions are no longer up to the task of combating the threat so what can law firms do to limit the risks of a successful ransomware attack?
How to protect against ransomware
There are a number of basic measures that law firms can put in place to help minimise the risk. These include:
Create robust security barriers
The more digital barriers that law firms have in place to meet security threats, the less likely they are to become victims of a ransomware attack. Law firms should have an advanced email security protection system in place. This can check both links and attachments from emails. Next Generation AntiVirus can spot ransomware attacks early enough before they have a chance to do any damage.
Law firms should also ensure they use two-factor authentication. This has consistently been shown to protect against security breaches and protect against ransomware attacks. Third parties might be able to steal passwords, but this doesn’t mean they’ll be able to get access to systems without using a device that’s known to the system.
Firms can also deploy a system that’s continually alert for suspicious activity. This is known as a Security Information and Event Management System (SIEM), and this can give alerts to a Security Operations Centre (SOC) team, which can then respond immediately. This is perhaps the most robust means by which to address growing security threats but it can be costly.
Eliminate air gaps in backups
Ransomware attacks frequently target encrypted data. If they’re successful this can put a business out of action for a number of days. To limit the risk, backups shouldn’t be located on the same network as their data. If it is, a firm could be left with very little chance of recovering.
Thorough patch management
It’s common for law firms to patch their IT systems to fix any security vulnerabilities on a weekly or monthly basis. With the growing threat of ransomware attacks, this is not regularly enough. IT teams should be alert to any new and emerging threats, and specialist help from IT security partners should be commissioned to deal with them urgently. Putting off addressing a threat is an invitation to be hit.
Managing employee risk
Human factors can make employees the weakest link in a firm’s security architecture. To help them spot suspicious behaviour online and any potential threats they should receive regular training and updates.
With remote working, employees are connecting at home or in other locations and often over unprotected networks. A VPN solution is critical when it comes to controlling these risks.
It’s also important that USB ports are locked down and only available to IT approved devices.
How hosted desktop services can reduce the risk
A hosted desktop service can help to reduce the risk of a successful ransomware attack by eliminating some of the most vulnerable points in your firm’s IT infrastructure. At OneTech, our secure hosted desktop services enable you to access files, applications, emails and documents wherever you are. This facilitates remote working while removing the weak spot introduced by an unprotected network.
Backups are made on a separate off-site server which enhances the security of your data whether the user is working remotely or in the office. Data is stored in a world-class UK based data centre where threats are continually monitored and eliminated.
As well as delivering much higher levels of security our hosted desktop services also save you money by removing the need for expensive servers, hardware, support, Anti-Virus, back-ups and licensing.
To find out more about how OneTech’s secure hosted desktop services can help you meet the ransomware threat contact our experienced team today.