The news of law firm giant DLA Piper being nearly crippled by the latest ‘Petya’ Ransomware attack is sending shock waves through the legal community. Historically slow to adopt new technologies especially in the arena of internet security, this may be the wake-up call the community needs to evaluate the very real risks that cyber attacks place on their firm and their client’s cases.
DLA Piper said that on June 27 its “advanced-warning system detected suspicious activity on our network, which, based on our investigation to date, appears to be related to the global cyber event known as ‘Petya.’ Our IT team acted quickly to prevent the spread of the suspected malware and to protect our systems.”
According to LogicForce, a company specializing in law firm cybersecurity, who assessed over 200 law firms, “Every law firm assessed was targeted for confidential client data in 2016-2017. Approximately 40% did not know they were breached.”
They state that more and more clients are now requesting or requiring that their law firm undergo independent security audits in order to do business with the firm. Among other important considerations such as portable device security, strong password practices, wireless access points, and good data protection training for employees, LogicForce also recommends email encryption as an important consideration:
Law firms need to consider using email encryption. There are many forms of email encryption. These options include utilizing a third party service to encrypt the content of your messages, encrypting your email database/file system, and finally encrypting emails in transit. Utilizing third parties, or encrypting the email databases can pose challenges to end users. However, ensuring the communications channel between your email system and the recipient’s email system can be a seamless process for both end users.
GlobalCerts’ SecureMail Gateway server and Fast&Secure service can make the process of securing a law firm’s communications with their clients as simple and seamless as possible. Our systems can utilize multiple methods of email encryption including server-to-server TLS with specific domains. This technique allows your organization to transmit emails secured over a secure TLS connection between our technology and your client’s receiving email server. No passwords or logins needed; the email is delivered straight to their mailbox.
To help prevent attacks like the Petya ransomware from infecting internal systems and disrupting business, a multi-tiered quality Virus and Spam protection is absolutely necessary. Whether you require an on-premise server or a cloud based solution, GlobalCerts offers multiple options to detect threats in your incoming email that with one click, could lead to a company-wide infection and lockdown of your business. The time is now to get serious about cybersecurity, before the next attack.
Sources:
http://www.americanlawyer.com/id=1202791614770/Ransomware-Attack-on-DLA-Piper-Puts-Law-Firms-Clients-on-Red-Alert?slreturn=20170619130528
http://www.logicforce.com/reports/detail/cyber-security-q1
