High on the list of things that send chills down the spine of an attorney is getting an e-mail from the disciplinary committee or state bar association alleging a disciplinary complaint. Hackers play on that fear in the hope that the attorney will open the attachment that comes with the e-mail.
Spoofed e-mails have been reported that appear to originate from the state bar association, with a subject line stating that an ethics complaint has been filed against the attorney. The bogus e-mail states that the attorney needs to open the attachment to get the details of the complaint and to follow the instructions in the attachment to respond to it. The attached document contains the ransomware. This tactic has produced a high infection rate among solo practitioners and small law firms.
If you receive such an e-mail, resist the temptation to open the attachment until you verify that the e-mail came from a legitimate source. If the e-mail provides phone numbers or website links, do not call those numbers or click on those links to verify authenticity. Independently go to your state bar website and obtain the phone numbers or e-mail addresses of the proper people to contact.
If the e-mail is legit, open the attachment and proceed as instructed. If it is not legit, notify your association and provide the information they request to help track down the source. Delete the non-legit e-mail from your system. Responding to the e-mail just lets the hacker know they have a valid e-mail address.
Many law firms that are infected will find that their basic professional liability insurance policy or business owner policy is of little help in paying for, or advising on, the response to a cyber attack or ransomware demand. Cyber insurance, added by endorsement to your Attorney Malpractice Insurance or Business Owners policy, may be one solution. Just make sure that any endorsement will respond to both 1st party and 3rd party claims and that the insurance carrier has a dedicated team to assist with any cyber-attack, data breach, or ransomware issue.
The other option is to purchase a Cyber Policy that contains all of the above requirements.
Prevention is always the best medicine against an infection:
1. Training employees on the proper methods for handling devices and passwords and on how to use the internet and cloud.
2. Keeping current with operating system and application software updates.
3. Having up-to-date antivirus and data breach software installed system wide.
4. Practicing good computer habits, i.e., changing passwords and using complex passwords.
5. Separation of duties.
6. Having “trusted” employees take at least one consecutive week off a year for vacation.
7. Adequate system backups that are independent and isolated from your computer systems.