Recently extortionists publicly exposed confidential files of five small law firms. They threatened to publish much more if the firms didn't pay the extortion money.
The criminals used modified ransomware that not only locked up the firms' files but also uploaded them to a publicly available website. The site listed the law firms' names along with a list of other breached companies.
Visitors to the website could click to download the stolen data. Here is a screenshot from the criminal website:
According to Law.com, three small South Dakota firms were hit:
"The firms, 22-lawyer Bangs McCullen, 27-lawyer Lynn, Jackson, Shultz & Lebrun, and 13-lawyer Costello Porter were listed Jan. 24 on one of the sites Maze uses to announce its targets.... Maze previously attacked 10-lawyer Houston-based Baker Wotring and Oregon-based, two-partner Hamilton & Naumes last month." https://www.law.com/americanlawyer/2020/02/04/maze-ransomware-attack-has-hit-small-law-firms-in-3-states/
In the past, hundreds of law firms have quietly dealt with ransomware attacks. Out of a desire to protect their reputations, most have not reported these security breaches.
With their new ransomware variant, extortionist criminals have dramatically increased their leverage against small law firms.
You used to be able to deal with ransomware by recovering your locked files from your backups, assuming your backups were not also compromised. Now a good backup won't defend you against the public humiliation and loss of clients that will result from the exposure of confidential client documents.
Don't assume that your antivirus software will protect you from all of these threats. When hackers break into your computer, they can appear to be authorized users. Uploading your files will appear to your antivirus software as normal user activity.
To fully secure your firm against the new ransomware variants, multiple defenses are indispensible. User training, modern cloud-based antimalware service, and updated software form the foundation of your protective layers.
Data Loss Protection services add another key layer. They monitor all attempts to extract or "exfiltrate" files from your computers by various means. The routes you can block include email attachments, file transfers, file synchronization services like DropBox, Google Drive and OneDrive, and uploads to various websites.
Call me to find out how you can safely and affordably outsource the protection of your priceless client files and your reputation.
Wells H. Anderson - 888-922-1120 - moc.mrifymeruces@ofni