Ransomware is malware that seizes control of a victim's systems and encrypts their data, then demands a payment in exchange for the key needed to decrypt it. Ransom demands now run to six, seven, or even eight figures, and paying them carries risks of its own. On October 1st, 2020, the United States Treasury's Office of Foreign Assets Control (OFAC) issued an advisory warning that paying a ransom to a sanctioned attacker may violate US sanctions law and result in civil penalties, and in criminal penalties where the violation is willful[1].
The legal industry is a lucrative target for cyber-attacks because law firms are required to process and store large amounts of sensitive personal and client information. Employees working remotely are also an easier target for phishing emails that deliver malware, since much of the home office environment (personal devices, home routers, shared family machines) lies beyond the firm's control.
Protecting against ransomware comes down to two key things – Training and Technical Controls to reduce the likelihood of a successful attack, and Incident Management to respond and recover when one succeeds.
Training and Technical Controls
Technical controls are the first line of defense against attackers breaching your systems. These include a tested data backup program (with at least one copy kept offline or otherwise out of reach of an attacker who has compromised the network, since ransomware routinely targets reachable backups), timely patch management, and least-privilege access to data so that a compromised account can only reach what that user actually needs. User training complements these controls: phishing is a common delivery route for ransomware, and teaching users how to identify suspicious emails and unsafe websites greatly reduces the likelihood that an attacker finds a way into your network.
Incident Management
Training and technical controls significantly reduce the risk of a ransomware attack on your network, but criminals are learning and evolving every day, so the risk will never be completely removed. To respond to an attack quickly and efficiently, and to recover from it, it is critical to have comprehensive, tested incident response procedures in place before an incident occurs.
This is where the ISO 27001 framework comes into play. ISO 27001 is an internationally recognized standard that specifies the requirements for an information security management system (ISMS). It provides a mechanism to review the effectiveness of that system and to ensure that security initiatives are aligned with industry best practice and are properly executed. Its risk-based approach covers the technical controls, governance, and incident management described above, so that backups, patching, access control and incident response are selected, documented and regularly reviewed rather than left to chance.
About CQR
CQR is an independent, multi-award winning cyber security company with offices in the UK, US and Australia. CQR’s highly qualified experts have helped hundreds of organisations worldwide stay ahead of the latest cyber security threats.
The company was founded with the mission of making the world a safer place and ensuring that clients’ information and people are protected, so their businesses can thrive.