If you are an OAMIC-insured law firm, you have comprehensive cyber and data breach coverage provided automatically. It is included with your LPL policy at no additional cost to you. It’s great in the event that you have a cyber-related incident. But even with the coverage, the assistance of experts and the restoration of data, any cyber event can be a painful experience.
Ransomware is defined as a type of malicious software designed to block or limit users from accessing their system or data. This works by either locking the system’s screen or by locking/encrypting the data until a ransom is paid. There could be a ransom for both the decryption key to restore you data as well as a ransom to keep the attacker from leaking your data to others.
Although ransomware has been a problem for quite some time, the frequency is actually increasing quite a bit. Ransomware now makes up more than 75% of all cyber insurance claims. Because of the growing popularity of ransomware with cyber criminals, the demanded ransom has grown as well. The average ransom paid at the beginning of 2021 was $118,000. Less than one year later, the average ransom had grown to be $322,000.
As software providers, governments, militaries, insurance companies and courts tackle this growing and changing issue, it’s still in your best interest to do your part in avoiding a ransomware attack.
5 Tips to Avoid a Ransomware Attack
- Use multifactor authentication. This is just simply an authentication system that requires more than one distinct authentication factor to successfully login. It’s most often a password followed by a code that is sent to your cell phone. Use this on your email systems as well as all case management systems.
- Upgrade your router and firewall to include intrusion detection and intrusion prevention functionality. Employ IT experts to properly install and maintain your firewall. It is your first and most important line of defense.
- Require cybersecurity awareness training for all personnel. Knowing what to look for and trends in phishing or other scams can help you and your employees avoid disasters. Your IT experts should be able to direct you to resources to facilitate annual mandatory training.
- Immediately change all factory default settings on any connected hardware. Never leave default passwords or other settings when setting up a device or when installing a Wi-Fi network. Initial default setup is made to be quick and user-friendly, but it often leaves you vulnerable. Again, you IT experts should be able to give you guidance on what settings to change.
- Use a cloud backup provider to help protect your data from ransomware. In addition to cloud backups, occasionally backup your data with an external hard drive and then disconnect it and secure it in a safe place. Having redundant and up to date backups allows you to avoid getting caught in a situation where you are unable to access any of your files or data.
There are several things you can do to mitigate a cyber event. Taking some easy and basic steps are a great place to start.