Everything You Need to Know About Cryptolocker & Ransomware

Cryptolocker Strikes

Buzzzzzzzz. That’s the sound of your alarm clock going off at 5AM; you have a big day ahead of you. You grab your phone, which moonlights as your alarm clock (among other things), and silence the alarm. With your phone in hand, you glance at your email — lo and behold, there is the email from your client you’ve been waiting for! Quickly, your feet hit the floor, you move swiftly to your Keurig machine and brew up your morning cup while simultaneously powering on your laptop… Multitasking before 6AM was not your plan, but you are very anxious to get logged in so you can open the attachment your client sent you.

Java in hand, shaking the sleep out of your eyes, you open your email, double click on that attachment you received, and you wait for it to open… wait, why isn’t it opening? You double click it again and still nothing. Hmm, maybe the third time is the charm… double click and nothing. Frustrated, you decide to check the news and browse the web while you wait for your file to open. You open your browser and POW! What’s that noise? All of a sudden your computer is screaming at you and there is a message on your screen you have never seen before. Your computer is telling you it’s been infected with a virus, meaning all of your files are locked and encrypted. To regain access to your files you need to call a strange international number and provide them with 5000 bitcoins (not dollars, yen, or pesos, but bitcoins. Bitcoins? What’s a bitcoin? Where do I get them?). Why is this happening to me? What on earth is going on?

What Is CryptoLocker and Ransomware?

You’ve just fallen victim to one of the fastest-emerging cyber attacks on the planet. The email you thought was from your client really came from a “spoofed” email address used by a fraudster looking to make a quick buck off the innocent and unsuspecting professional. In technical terms, it’s called ransomware. The good news is, the story painted above did not actually happen to you, but it could.

Once considered a consumer problem, ransomware has morphed to target entire networks of computers at law firms and other businesses. These entities have more to lose than the average consumer, making them prime targets for cyber crimes. According to the U.S. Department of Justice, ransomware attacks have QUADRUPLED this year compared to just one year ago, averaging about 4,000 a day. Typical ransomware payments range from $500 to $1,000, according to cyber-risk data firm Cyence Inc., but some hackers have demanded as much as $30,000. Every infection is unique and equally painful to recover from.

How do you Prevent Cryptolocker and other Ransomware Attacks?

Now, you have to be wondering what you can do to prevent this from happening to you and your entire practice. The last thing you want to do is tell your largest client that all their matter files are corrupted, infected, and useless. The best thing you can do to prevent cyber attacks from happening to you is to invest in your technology, know what you’re up against, and train your employees. We recommend starting with the basics:

Anti-Virus Software- You have a myriad of choices when it comes to Anti-Virus software. Companies such as McAfee, Trend, and Symantec offer suitable small business products. These can help catch the majority of these infections before they begin.

Look before you click- When you receive an email with an attachment, look at the sender’s address to make sure it’s coming from their actual email address. Some spoofing attacks will use an email address that’s very similar to a legit one – chris@gmaiil.com instead of chris@gmail.com. It’s easy to overlook the extra letter in the domain name. If you question the email’s validity, check with the sender to ensure they sent it. If it came from someone you don’t know, or looks phishy (pun intended), delete the email immediately.

Augment your IT infrastructure to an IT Company- Spend your valuable time practicing law not figuring out IT. Companies, like Legal Workspace, spend the time, money, and effort to implement enterprise-level protection against online attacks. You’re in business to practice law, not understand and implement corporate IT solutions. Leave that to the experts.
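The sender-address check from “Look before you click” can be automated. The following is an added example, not part of the original article: it flags a `From:` domain that is within a small edit distance of a domain the firm actually corresponds with. The allowlist, the threshold, and the sample headers are constructed assumptions.

```python
from email.utils import parseaddr

# Constructed allowlist (assumption): domains the firm really exchanges mail with.
TRUSTED_DOMAINS = {"gmail.com", "outlook.com", "example-client.com"}

def edit_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute, transpose."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            # Adjacent swap ("gmial" vs "gmail") counts as a single edit.
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[-1]

def classify_sender(from_header, trusted=TRUSTED_DOMAINS, max_distance=2):
    """Return (verdict, nearest_trusted_domain) for a raw From: header value."""
    # parseaddr separates the display name from the real address, so a
    # display name that merely looks like a trusted address is ignored.
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return ("invalid", None)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if domain in trusted:
        return ("trusted", domain)
    nearest = min(sorted(trusted), key=lambda t: edit_distance(domain, t))
    if edit_distance(domain, nearest) <= max_distance:
        return ("lookalike", nearest)   # hold for manual review
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample headers.
    samples = [
        "Chris <chris@gmail.com>",
        "Chris <chris@gmaiil.com>",              # the article's example
        '"chris@gmail.com" <chris@gmaiil.com>',  # trusted-looking display name
        "Billing <billing@gmial.com>",
        "someone@unrelated.org",
    ]
    for header in samples:
        print(f"{header!r:45} -> {classify_sender(header)}")
```

A small threshold also catches legitimate near-neighbour domains, so a “lookalike” verdict is a prompt to confirm with the sender, not proof of fraud.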

I’m sure you’re glad this situation did not happen to you, and so are we. The cyber world is moving at a vigorous pace that can be hard to keep up with. Employ legal technology professionals to keep up with emerging threats and cover your bases for you. Practice law, not technology — leave your cybersecurity worries to us.

5 Ways Employees Accidentally Threaten Data Security

What do you think is the biggest threat to your IT security system? A hacker getting past your firewall? Unencrypted emails? Lack of consistent back-ups? Those may be serious concerns, but the biggest threat to security for a law firm is actually its employees.

That’s right: The very people who keep your organization running are the same people who might be putting your data at risk. Here are the top five ways in which employees jeopardize security.

1. Opening email virus attachments

An attorney receives an email with an attachment called myresume.zip. He or she opens the attachment, and—just like that—a CryptoLocker Ransomware virus is running rampant through your network.

CryptoLocker Ransomware viruses install a program on the infected computer that systematically accesses and locks all of the data files—including network files. To regain access to the files, money (usually hundreds of dollars) must be sent to the hacker. This type of virus can be increasingly aggressive and quite lucrative for the hacker. And, there’s no guarantee that the hacker will honor his side of the deal and unlock the files.

This is one of many viruses that an employee could unleash into your law firm’s network by simply clicking the wrong link or opening an unsafe email attachment. To halt this type of attack, educate employees not to click on anything unknown. Make sure that your antivirus programs are regularly updated, can sufficiently block malware file types, and are capable of removing infected files.

2. Weak user IDs and passwords

As the number of usernames and passwords needed by the average person increases, some employees take the following shortcuts to remember their information:
• use the same ID and password across multiple accounts
• use common words or phrases
• use personal information, like a spouse’s name or birthday

Weak user IDs and passwords account for a significant portion of data breaches. A 2015 security analysis states that, along with weak remote access security, 94% of breaches were because of weak passwords. Often, news stories about famous people being “hacked” are actually about people or automated programs gaining access to celebrities’ information because they’ve been able to guess their usernames and passwords.

Educate users about what constitutes a strong password and put systems in place that require frequent password changes:
• use passwords of 10 characters or more, with complexity
• randomly insert symbols and numbers, mixing lowercase and uppercase letters
• use multiple security questions

3. Phone scams to access a computer

An employee might receive a telephone call from someone claiming to be from Microsoft support. The caller might say that the attorney’s computer has been compromised and is sending out critical personal information. In order to correct the problem, the employee must allow the caller remote access to his or her computer or give other identifying account information.

Of course, the caller isn’t really a Microsoft support representative. It’s a very sophisticated hacker. Warn employees about phone scams. Callers might claim that they’re following up on open service tickets or investigating virus infections. Employees should never allow unknown callers remote access to their computers.

4. Unrestricted administration rights

If every attorney and staff member has permission to install programs or applications at the firm, it forms a security loophole. These security risks create vulnerabilities on the computer that can be exploited by hackers to gain access to the network. Many employees are tech-savvy and aware of current security threats, but some may inadvertently download a virus or malicious application.

To prevent these weaknesses and diminish the risk of downloading malware, tighten administrative rights so that an individual—someone in a supervisory position or an IT legal professional—manages program and application installation.

5. BYOD security risks

Bring Your Own Device (BYOD) opens security holes in a couple of different ways: through home computers and various other devices.

When employees use home computers, a Virtual Private Network (VPN) connects them to the company network for remote access. But the company doesn’t have any control over the home computer’s security. Is there robust antivirus software installed on that computer? Are there others at home using the computer and unknowingly downloading viruses? Is it updated regularly? All of these threats, if not regulated, could place the entire law firm’s data and security at risk.

Tablets, smartphones, and other devices can also complicate the process of securing a network. One potential issue has to do with applications installed on smartphones or tablets. Permissions for those applications might allow a third party access to data, such as images or contacts, on that device. Access to images on one of these devices could leak sensitive confidential information that compromises your client or law firm.

How to protect employees from themselves

Provide a work station use policy, which outlines do’s and don’ts for employees. Training helps employees understand the reasons behind the policies and reinforces appropriate actions.

Legal Workspace is a cloud service for law firms that provides IT training for its clients and employees. We work with clients to implement a number of security policies and procedures to protect data against security threats. And, because Legal Workspace’s cloud-based solution is designed in such a way that remote devices can only access the environment through an encrypted channel, BYOD issues get eliminated.

Employees’ mistakes could have serious consequences to your business. Take the necessary steps to protect your system today and increase your data security for the future.