Ransomware is a type of virus that usually arrives via email attachment. It infects a user’s computer, converts all files into an unreadable coded (encrypted) form, and keeps them that way. A “key” to change them back to a readable format is released only when a requested ransom is paid.
The user will receive a message stating that if the requested ransom is not paid by a certain date, the key to unlock the encrypted files will be automatically deleted, and not even the person who sent the virus will be able to retrieve it. So, if the ransom is not paid, the files will stay in coded form, and be useless, forever. Payment is often requested via difficult-to-trace online methods.
Some law firms have already fallen prey to ransomware, with sensitive and confidential client information being held hostage or left unreadable forever. Other high-profile victims have been government organizations or large corporations. In these cases, the risk of loss is so high that the victims see no other choice but to comply with the demands and pay the ransom, as losing information could be catastrophic. There have been reports that the people responsible for ransomware attacks have made millions of dollars in ransom.
The best protection against ransomware is precaution.
The most common way for viruses to enter a user’s computer is through “social engineering,” which is the use of psychological manipulation to get people to perform certain actions or give away confidential information. An example of social engineering specific to ransomware is changing the information in an email to make it appear that it came from a sender whom the recipient knows and therefore trusts. The recipient would not be suspicious of an attachment in an email from a friend or coworker, and would likely open it without question.
The best way to protect against ransomware is to not open any email attachments without prior scrutiny. Even if the email arrives from someone you trust, use discretion when opening attachments, as the sender’s email may have been altered and used to send viruses. One way to scrutinize an email is to look at the message in the email body; if it appears at all unlike something the sender would send, check with the sender first (not via email) before opening any attachments.
Often, the email attachment will be hard to resist. It may be something that seems to need immediate attention, such as a time-sensitive work presentation, or a large money prize or penalty to be claimed immediately. If an email attachment seems suspect in any way, the best course of action is to verify that the email is legitimate and was sent intentionally. Essentially, do not trust an email and its attachments just because you know the sender.
At Mincher Koeman LLP we have extensive practices and policies in place to protect our clients’ confidential information against ransomware attacks.