Law Times

Page 12 April 25, 2016 • lAw Times www.lawtimesnews.com Ransomware hackers try to scam law firms BY MICHAEL MCKIERNAN For Law Times L awyers who don't want to negotiate with ransomware hackers need to invest in technological training and file backup systems, according to a cybersecurity lawyer. The ransomware scam works by convincing office staff to click on links or open attachments that download a virus on to the com- puter system, locking files, and popping up an ultimatum to us- ers. Unless a payment is received, the message typically threatens to destroy the encrypted files. Ransoms are usually small, but Imran Ahmad, a Toronto lawyer with Cassels Brock and Blackwell LLP, says law firms can avoid giv- ing hackers the satisfaction of a payout by practising what he calls "good cyber-hygiene." "There's no need necessarily to pay ransoms, as long as you take steps to make sure you're protect- ed. That involves everything from making backups to ensuring your confidential information is en- crypted. That way, if your system is compromised, it can't be used by the person hacking it," says Ahmad, who helps clients develop strategies to combat cyber-threats as part of his privacy and data breach practice. While the Panama Papers leak has put the issue top of mind for many law firms, Ahmad says there is wide variation in their states of readiness. "I think lawyers in general are very aware of the risks, but it's an- other question altogether when you look at how many resources they are devoting to it," he says. "The key is spending time and ef- fort on the human resources side, training your people to identify suspicious e-mails, and to under- stand how serious it can be. By clicking on something, you can compromise the entire network. I was at a conference last week where experts were saying that the cost of remediating a breach is typically between two and three times what would have been spent on training." Several industry consultants have highlighted the practice as a growing threat to businesses holding sensitive data, including KPMG, which named ransom- ware one of the top five current trends in its Cyber Watch Report. "It has been around for years, but it is sharply on the rise right now, and the tactics are chang- ing," says Kevvie Fowler, KPMG's national cyber-response leader. "Law firms are an excellent target because of the amount of sensitive and important information they are hosting, and the time sensitivi- ty involved. That data is core to the business, and not having access to files for any amount of time can be damaging, which makes them more likely to respond." According to Fowler, the po- tential damage a ransomware at- tack can cause has helped it shoot up KPMG's trends list this year. "It used to be that just the com- puter where the file was opened was affected. Now the virus is self-propelled. It can be installed on one machine, and then jump to other users. It can spread quite rapidly, and suddenly the entire organization is infected," he says. Some attackers are even turn- ing it into a protection racket, demanding payment up front from businesses in order to stop them from becoming a target in future. "It's a type of extortion," Fowler says. Fowler says keeping software up to date and carrying out patch- ing are critical for law firms that want to stay protected from ran- somware, since many rely on ex- ploiting well-known vulnerabili- ties in computer systems. Isolat- ing computers that store the most sensitive data, or the ones holding backed-up material, from the rest of the firm's network is also a good idea, he says. For the ill-prepared, paying the demanded ransom and hoping for the best can be the only option, according to David Whelan, the Law Society of Upper Canada's manager of legal information. "It comes down to a business choice in most cases. It's not the best option, but if you don't have a good backup, and it's confidential client information at stake, I don't know that you have a whole lot of choice," he says. Even once they decide to co- operate, there are no guarantees. "I spoke to one lawyer who was will- ing to pay a ransom, but he didn't do it in time, and so he lost every- thing," Whelan says. Dan Pinnington, vice-pres- ident of claims prevention and stakeholder relations at LawPRO, says six firms in the province have reported incidents with ransom- ware in the last year, with ransom requests at no more than $500, generally due in untraceable Bit- coin payments. The relatively small amounts involved have led to under-report- ing of the problem, Pinnington believes, with law firms handling the issue in-house to avoid the po- tential embarrassment of reveal- ing a security breach. Although the idea of dealing with hackers makes him uncomfortable, he says it definitely occurs. "They make the ransom a relatively low amount compared with the cost of the business in- terruption. If it was a very high amount, more people wouldn't pay," Pinnington says. "I hate to recommend that someone cave into this kind of thing, but cer- tainly in my experience, the vast majority who have made pay- ment have indeed got the key back to decrypt their data." Pinnington says employee training should be the top prior- ity, especially as hackers increase the sophistication of their attacks. He says hackers have recently be- come more targeted, abandoning generic mass e-mails that can be easily identified in favour of per- sonalized messages that name their recipients and look plausi- ble as legitimate messages from friends or colleagues. LT FOCUS To learn more, call 1-800-410-1013 or visit titleplus.ca It's simple. • Underwriting information is prepopulated in the application It's less work. • Searching is streamlined It saves time and money. • Your clients benefit from savings on disbursement costs Selected new condominium developments in Ontario qualify for an easy title insurance 1 application process. New Home Program and New Condo Select Now available for deals up to $5 million ® Registered trademark of Lawyers' Professional Indemnity Company. © 2016 Lawyers' Professional Indemnity Company 1 The TitlePLUS policy is underwritten by Lawyers' Professional Indemnity Company (LAWPRO ® ). Please refer to the policy for full details, including actual terms and conditions. Lawyers' Professional Indemnity Company (LAWPRO ® ), 250 Yonge Street, Suite 3101, P.O. Box 3, Toronto, ON M5B 2L7 Untitled-2 1 2016-04-19 1:25 PM Dan Pinnington says hackers have recently become more targeted in their approach. This is more than a phone book. It is your instant connection to Canada's legal network. With Canadian Law List 2016 you have access to: • an up-to-date alphabetical listing of more than 80,000 barristers, solicitors and Quebec notaries, corporate counsel, law firms and judges across Canada • all contact information supplied for the Supreme Court of Canada, the Federal Court of Canada, Federal Cabinet Ministers, departments, boards, commissions and Crown Corporations • legal and government contact information related to each province for the Courts of Appeal, Supreme Courts, County and District Courts, Provincial Courts, law societies, law schools, Legal Aid and other important law-related offices THE LATEST CONTACT INFORMATION IN A USER-FRIENDLY FORMAT THAT IS BEYOND TRADITIONAL LISTINGS Continually updated by a dedicated team of professionals, Canadian Law List includes value added features such as: • last name first identification in the federal and provincial listings • separate section of corporate law departments for more than 1,250 companies • professional cards of prominent Canadian law firms • International Agency Referral Cards AREAS OF PRACTICE AND ENHANCED LISTING INDEX The enhanced listing index is displayed in bold type with detailed practice information. It also: • lists firms and lawyers that have expanded their practice information in their provincial listing • is organized by areas of practice by province, city and page reference in their provincial listings Hardbound • Published February each year • L88804-765 • On subscription $169* • One time purchase $188* Multiple copy discounts available * Plus shipping/handling and applicable taxes ORDER YOUR COPY TODAY! Call 1.800.387.5164 or visit www.carswell.com KEEPING PACE WITH THE CHANGING LEGAL COMMUNITY FOR OVER 130 YEARS Untitled-5 1 2016-04-20 4:36 PM

• Cover