Actionstep: Law firm ransomware attacks

Legal Support Network

16 December 2021

3. Set and Adhere to Expectations for Availability.

Law firms are lucrative targets for ransomware attacks due to the volume of sensitive client data they typically store. According to The Economist, ransomware is the “single biggest threat” in the organised crime world today. Simply put, the cost, time, and hassle of recovering from such an attack can be devastating. Here are seven simple actions you can take today to protect your firm.

1. Risk Assessment
Evaluate your current security footprint with an annual risk assessment. There is also the option of penetration testing (controlled hacking), which can help identify network vulnerabilities.

2. Anti-ransomware Software
Most organisations have anti-virus software set up, but what about anti-ransomware software? Cybercrime tactics are ever-changing, so it can become difficult for anti-virus software to detect a ransomware attack. Your firewall also requires constant monitoring and updating to stay secure.

3. Software Updates
Ensure all software is up to date at all times. Enable automatic updates on software that offers it and check for updates on software that does not. Upgrade any software that is nearing end-of-life status along with any unsupported devices.

4. Passwords and MFA
Passwords alone are not enough to protect your data from an attack. Multi-factor authentication should be standard for all business applications. This is the single most effective way to prevent many of the methods hackers use.

5. Phishing Schemes
Email phishing schemes remain a primary method for ransomware attackers, targeting individuals to dupe them into clicking links, downloading attachments, or entering details into bogus websites. Your staff should be regularly trained and aware of the latest phishing threats and trends.

6. Physical Security
Most law firms have a significant number of mobile staff distributed among various locations. Practices such as keeping machines in locked boxes and having a device tracking system for your fleet of devices is key.

7. Communications & Training
Increase communications with staff, emphasising the risks and ensuring everyone is on the same page in relation to the importance of ransomware. Delegate one person to keep everyone informed about data security. The more these messages are circulated, the more likely people adopt them.

Prevention is the Best Protection
Ransomware is fast becoming one of the biggest threats to your firm. At Actionstep, we have implemented prevention policies and procedures to provide the best possible data protection. Ensure your data is secure from the latest threats by investigating your current protection and updating if necessary. Cybersecurity needs to be constantly monitored to provide the optimum level of protection.

For more information on how Advantage365 can help your law firm, please call us on 0121 212 6580 or request a free call-back using our contact form to get free initial advice. You can also access a wealth of free business information for lawyers by visiting our digital Resource Centre and view our free Business Factsheets

Alternatively, please subscribe to our services here or book an online consultation here, or email us on