Lawyer Monthly - October 2022

of an incident. Any data stolen by cybercriminals is compromised whether a ransom is paid or not – and if an organisation were to restore their system from local backups stored on the same infected network, they would run the risk of becoming re-infected with malware. Paying up also has the added effect of incentivising ransomware gangs, who are increasingly targeting small- and mediumsized businesses. SMEs have become lowhanging fruit for bad actors, willing to pay relatively small ransoms, which can prove just as lucrative as ransomware attacks on larger organisations for hackers in the long-run. The temptation to pay up can be stronger for smaller enterprises that have fewer resources in-house to monitor their environments for threats and mitigate against potential breaches. This is paired with the growing sophistication of cybercriminals, who are deploying more targeted and timely attacks. These include ransomware attacks deployed during a quiet period, e.g. bank holidays or weekends when fewer IT and security staff are working, or malware delivered via an especially deceptive phishing email that includes personal data harvested online. Paying ransom demands should therefore not be an option for the clients of legal firms – small or large – but what exactly should businesses be doing to avoid the temptation to pay up and better protect their networks? A Proactive, Combined Cybersecurity Solution In the event of an attack, backups – or, rather, a suite of backups – form a critical part of an organisation’s proactive cybersecurity strategy. Specifically, businesses need a blend of smaller, incremental, more frequent backups for business restoration in conjunction with full backups stored on a separate encrypted network, as well as long-term backups stored on tape. Although this may sound excessive, a backups suite such as this can help clients restore their data quickly and safely in the event of a ransomware attack. In doing so, they avoid the common recurring issue of restoring infected backups and SPECIAL FEATURE 37 Collaborating with cyber professionals who have expertise in developing detailed incident response playbooks can be crucial to effective and speedy remediation.

RkJQdWJsaXNoZXIy Mjk3Mzkz