Ransomware is an insidious threat that most of us have likely heard of but may not fully understand or know how to protect ourselves from effectively. Now that ransomware attacks are more prevalent than ever before, it’s essential to understand the threat to ensure that your firm is protected.
So let’s break it down. First, what exactly is ransomware? It’s a type of malware that covertly installs itself on the computer of an unsuspecting user—usually completely undetected. Once installed, it encrypts important data and files (essentially holding them for ransom) and the user then receives a message requesting a payment to regain access to the encrypted files. Not only does it pose a major inconvenience, it is also a serious security risk for any firm.
Unfortunately, cyber attackers who use ransomware have made it difficult to detect. Often something as simple as clicking on a link is all it takes to have a computer infected—and without proper precautions in place it can do a lot of damage before being detected. However, there are actions you can take to ensure that your firm is protected.
Here are our top tips for protecting your firm against ransomware:
- Back Up Everything, Every Day – The best way to protect your firm from ransomware is to make it impossible for attackers to lock you out of your data. If you back up everything in your system or on your computers every day (or multiple times a day) to multiple places, like the cloud and an external hard drive, then even if a computer is affected you can continue to access what you need—no ransom fee required.
- Install and Update Anti-Virus Software – Every computer in your firm should be equipped with up-to-date antivirus software. This isn’t a be-all and end-all solution, but it can serve as a first line of defense. Also, do your research to find reputable antivirus software—they are not all created equal.
- Be Suspicious – As we mentioned, ransomware often infects computers in a single click, so always approach emails containing links with caution. Check that the sender’s email address is one you recognize (some ransomware emails use a familiar name, but when you check the email address it doesn’t match) and look for any other suspicious signs, such as being sent at a strange time, containing a message you weren’t expecting, etc.
- Don’t Get Download Happy – It can become second nature to just download files from emails and websites but resist the temptation. Instead, ask yourself if anything about the document seems out of place or if the website you’re downloading from is reputable. As a law firm you probably download many legal forms—but NEVER download forms from questionable websites. That is a quick and easy way to get infected.
- Stop the Spread – In the event that a computer at your firm is compromised, immediately disconnect it from your network so that the ransomware can’t spread to other devices and do more damage. This will ensure that only minimal files and data are compromised.
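The sender check from the "Be Suspicious" tip can also be automated. The following Python sketch is an added example, not part of the original article: it compares the display name in an email's From header against the address that contact is known to use. The address book, names, domains and sample messages are all constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed address book (assumption): display name -> the address that
# contact is known to write from. All names and domains here are made up.
KNOWN_CONTACTS = {
    "jane doe": "jane.doe@example.com",
    "court clerk": "clerk@example.org",
}

def check_sender(raw_message: str) -> str:
    """Classify the From header as 'match', 'mismatch' or 'unknown'."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    # Normalise case and whitespace so "Jane  DOE" still finds the contact.
    key = " ".join(display_name.lower().split())
    expected = KNOWN_CONTACTS.get(key)
    if expected is None:
        return "unknown"  # not a name we have on file; nothing to compare
    return "match" if address.lower() == expected else "mismatch"

# Constructed sample messages.
GENUINE = "From: Jane Doe <jane.doe@example.com>\nSubject: Draft contract\n\nSee attached.\n"
SPOOFED = 'From: "Jane Doe" <billing@example.net>\nSubject: Invoice overdue\n\nClick here.\n'
STRANGER = "From: New Sender <hello@example.net>\nSubject: Hi\n\nHello.\n"

if __name__ == "__main__":
    for label, raw in [("genuine", GENUINE), ("spoofed", SPOOFED), ("stranger", STRANGER)]:
        print(label, "->", check_sender(raw))
```

A "mismatch" result is the case the tip describes: a familiar name paired with an address that contact does not normally use. An "unknown" result only means the name is not on file, so the other warning signs still apply.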
There’s no 100% foolproof way to prevent a ransomware attack. But if you educate members of your firm on the precautions they can take, you can limit the chance of finding your systems compromised. Use these tips to get started and keep your firm protected.