Friday, 9 July 2021

Law firm hit by ransomware responds in a surprising way - will it have any effect?

A barristers' chambers hit by a ransomware attack has responded by getting a court order demanding the criminals do not share their stolen data.

Is a court order and privacy injunction the way to fight ransomware?

We've previously written about ransomware on the Alpha Legal blogRansomware is evil - hackers deliberately encrypt files and data and only make them accessible by decrypting after a ransom has been paid.  Worst still, hackers often now demand two ransoms - the second as a blackmail payment to prevent them from posting the stolen data on the web for all to see.

The Lawyer website reports that 4 New Square Chambers, which counts IT dispute experts among its staff, obtained a privacy injunction from the High Court at the end of June against "person or persons unknown" who were blackmailing the firm.  The hackers, who targeted the firm a month ago, were demanding a second ransom to expose all of the stolen data. This could be catastrophic for the firm involved.

At Alpha Legal, we are aware that email is often a point of entry for ransomware.  We urge all businesses, especially those in the legal sector, to avoid using email for sensitive data exchangeEmails are simply not secure enough and email servers are prone to attack.  Once compromised, a hacked email server is an easy route in for hackers to exploit and a ransomware attack is often the result.

Apply for an injunction is an interesting tactic but it is difficult to see how it could work.  These are criminals, after all, and the very act of demanding the ransom payment is surely demonstration that the injection will simply be ignored?  This is going to be an interesting story to follow and we'll blog again if the outcome of this sorry tale becomes known.

In the meantime, if you are worried about ransomware and use emails for exchanging sensitive data with your clients, switch now to Alpha Legal.  You can sign up risk-free in moments.

(the original story was posted by theregister here:

No comments:

Post a Comment