A June cyberattack on the networks of global law firm DLA Piper should come as a warning and a wake-up call to every law firm in the country. The potentially crippling attack, which stemmed from the “Petya” worm, took the firm offline, suspended email communications for days, and potentially compromised, if not corrupted, client data and other files.
Quantifying the actual damage of a vicious cyberattack like the one that rocked DLA Piper is a difficult and daunting task. Were any accounts or clients harmed or jeopardized? Was any litigation damaged? Will there be further unforeseen damage down the road? Even if remediation efforts successfully restore networks to their pre-attack state, what damage has been done in terms of the firm’s reputation and its ability to keep accounts and earn new ones?
Law 360 recently sought feedback on the DLA Piper attack from some of the top cybersecurity experts in the country, asking how law firms can ward off the next global malware attack and what to do if they get hit.
John Simek, vice president of information security firm Sensei Enterprises, told Law 360 that malware attacks and viruses are growing more complex and sophisticated to the point where firms must address attacks as if they are inevitable, not just possible. Referring to the “Petya” ransomware that struck DLA Piper, Mr. Simek stated in an interview with Law 360:
This is a scary, scary infection as they learn more about it. This was really a test, a proof of concept. It’s no longer ‘Keep the barbarians out.’ We’re now at the point where we need to detect the infiltration, respond to that attack and then recover from it.
While each law firm should do an intense study and self-evaluation of its needs, the following are recommendations for law firms.
First, firms should immediately patch any vulnerabilities that have been exposed by previous ransomware attacks on other systems. For instance, an earlier attack by the WannaCry ransomware exposed an Achilles heel that Petya effectively kicked.
Defenses should improve with every cyberattack, so firms should assess how open their networks are, eliminate any deficiencies, and perform vulnerability tests on their computer networks regularly. Open networks between firms are pathways for worms, viruses and other malicious bugs.
Firms must also be sure their networks are structured and layered in a way that requires levels of access. Doing so can create chokepoints where ransomware gets held up, Luke Dembosky, a former top cybercrime official at the U.S. Department of Justice, told Law 360, which described the difference in potential damage as that between a brush fire and a blazing forest fire.
Assuming that your firm’s backup system, whether on the cloud or somewhere else, is the quick solution to recovering from a cyberattack can be a costly mistake. Even backup systems can hold glitches, bugs, and corrupted files, so firms must avoid the false sense of security that backup systems may impart and test those systems to ensure they’re clean, functional, and uncorrupted.
Firms that have experienced a cyberattack should find and hire a forensics company to figure out how the attack occurred and why. It’s also a good idea to find and retain the services of such a company in times of safety because that will give you privilege in times of need. As Law 360 puts it, “just like searching the Yellow Pages or Yelp for a plumber after a pipe has burst and you’re ankle-deep in water, the time to dial for help is not in the middle of a cyberattack.”
Firms hit by cyberattacks quite often learn a hard lesson about their insurance. Some traditional policies exclude damage from cyberattacks or will cover only a fraction of the resulting losses. Some insurers will deny firms coverage if they were using pirated software or software licensed for one computer across an entire company. Insurers may deny claims if the firm has failed to patch its network after a previous attack.
Consider, also, how prepared your firm is to calculate the true cost of an interruption in business and to demonstrate for your insurer that the business wasn’t just deferred. Firms should also be aware that no insurance companies currently provide coverage for reputational hits. In fact, as many real-life cases have shown, many insurers’ policies haven’t evolved to cover all the unique damages that new malware inflicts, and that’s a problem that could leave any firm facing costly out-of-pocket expenses.