Downloaded 10 times
Uploaded byLogikcull.com
Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity
The document discusses the increasing threat of ransomware to law firms, highlighting notable cyberattacks in 2016 and 2017 such as WannaCry and Petya. It emphasizes the importance of cyberinsurance and outlines protective measures that law firms can implement to safeguard against cyber threats. Key recommendations include establishing a data breach plan, enhancing security protocols, and ensuring compliance with insurance coverage requirements.
Law◦
More Related Content
Similar to Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity
Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity
- 1. Ransomware and theFuture of Law Firm Cybersecurity July 27, 2017
- 2. Agenda The Cyber-Threat Landscape TheConsequences of a Successful Cyberattack The Role of Cyberinsurance How to Protect Your Firm
- 3. Presenters Brian C. Focht TheLaw Offices of Brian C. Focht Olga V. Mack General Counsel, ClearSlide
- 4. >>> The Cyber-ThreatLandscape: A Brief History of Law Firm Cyberattacks
- 5. From the perspectiveof hackers, exactly because lawyers handle such valuable and sensitive information belonging to clients, law firms become a one-stop shop. -Eli Wald, Legal Ethics Professor (and former BigLaw attorney) “ ” 2016: “The Year of the Legal Data Breach” Feb. March Oleras Alert Elite Law Firms Breached April Panama Papers May First known malpractice suit July DNC Emails Leaked December Chinese Hackers Indicted
- 6. 2017: The Yearof Ransomware? Malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a ransom is paid.
- 8. 2017: The Yearof Ransomware? May 12, 2017: “WannaCry” ransomeware attack cripples >200,000 computers across 150 countries. Exploits flaw in Microsoft Windows to encrypt files Demands 300 Bitcoin payment Victims: • FedEx • Russian Interior Ministry • Britain’s National Health Service • German Train Service
- 10. 2017: The Yearof Ransomware? June 27, 2017: “Petya” or “NotPetya” attack Mimics Ransomware – First infections in Ukraine NOT True Ransomware – believed to be designed for disruption Victims: • Merck • Heritage Valley Hospitals • Cadburys • DLA Piper
- 11. Where’s the Ransom? WannaCrymade only $50,000 Why was the ransomeware so unsuccessful at raising a ransom?
- 12. >>> Consequences ofa Successful Attack
- 13. • June 27,2017: Petya ransomware virus spreads • DLA Piper’s network is hit, first in Madrid, then throughout the world • Email, phone, and computer system shut down • June 29: DLA Piper lawyers request extension in at least five civil cases • July 3: Email restored, other systems still coming back online Petya/NotPetya Shuts Down DLA Piper
- 14. Lost of Productivity,Billable Hours, Potential Litigation • Would you be able to continue working if locked out of your email, phone, computer network & client files? • Shore et al v. Johnson & Bell, Ltd: Alleged cybersecurity failings can lead to malpractice claims • Moses Afonso Ryan Ltd. v. Sentinel Insurance Co., Ltd.: Will your insurance policy cover losses from ransomware?
- 15.
- 16.
- 17.
- 18.
- 19. >>> The Roleof Cyberinsurance
- 20. Law Firm Cyberinsurance101 Yes, you probably need it Your current insurance might have it (In 5 years, it won’t)
- 21. Law Firm Cyberinsurance101 What does your policy cover? First Party vs. Third Party Emergency & Expert Services Notification Data Restoration Business Interruption
- 22. Law Firm Cyberinsurance101 When Picking a Policy, Know the Terms (or bring a friend… familiar w/ Insurance Coverage AND Cyber Security) Rider on CGL Policy vs. Cyber Liability Policy Duty to Defend vs. Duty to Reimburse Responsibility for Expenses Sub-limits & Exclusions What Isn’t Covered?
- 23. >>> How toProtect Your Firm
- 24. Is Your LawFirm Cyberattack-ready? How In-House Attorneys Can Help By Olga V. Mack
- 25. Law firms areexcellent targets... 1. Have valuable information 2. Lack effective security programs
- 26. Does Your FirmHave a Data Breach Plan? No Yes
- 27. Does Your FirmHave A CyberSecurity Team? Yes No
- 28. Let’s not blamethe victim...
- 29. Ask About SecurityMeasures
- 30. Ask About 2-FactorAuthentication
- 31. Ask About OperatingSystem Updates
- 32. Ask What’s Encrypted– And How
- 33. Ask About PasswordManagement
- 34. Ask About EmployeeSecurity Education
- 35. Ask About SecurityInsurance
- 36. Ask About DisasterRecovery Plans
- 37. Ask About… Physical Security Vendors& Service Providers Regular Backups Regular Risk Assessment Training Efforts Policies & Procedures Incident Response Plans
- 38. Having an intentional andsystematic security approach is a competitive advantage
- 39. Questions and Answers Questionscan be submitted using the “Questions” box in your GoToWebinar control Panel.
- 40.
- 41. More Resources: For thecybersecurity and eDiscovery news and tips, interviews with judges and practitioners, and more, sign up for Logikcull’s blog, Closing the Loop. • Learn how the cloud can help secure your practice. • Learn how cutting-edge technology is reshaping eDiscovery. • Download our white paper on how to safeguard client data. • See a demo of Logikcull, the powerfully simply, highly secure eDiscovery and data management software.
Editor's Notes
- #6 Feb - Russian cybercriminal under the name of “Oleras” said to be targeting law firms March - Wall St. Journal reports that nation’s biggest firms have been hacked, including Cravath and Weil Gotshal April - The “Panama Papers” are leaked, revealing confidential attorney-client information detailing tax evasion techniques May - A Chicago-based law firm was sued by a client for cybersecurity flaws that “systematically expos[ed] confidential client information” July - Emails from the DNC are leaked to Wikileaks. To this day, no one has even the slightest idea of who might have been behind the leaks. December - DOJ charges three Chinese nationals for insider trading on information hacked from firms
- #7 -WannaCry: ransomware cryptoworm that exploited the EternalBlue vulnerability in Windows. -EternalBlue was discovered by the NSA, then leaked to the public after the NSA was itself hacked -Shipping and production shut down throughout Europe, at least 16 UK hospitals closed
- #9 -WannaCry: ransomware cryptoworm that exploited the EternalBlue vulnerability in Windows. -EternalBlue was discovered by the NSA, then leaked to the public after the NSA was itself hacked -Shipping and production shut down throughout Europe, at least 16 UK hospitals closed
- #11 -WannaCry: ransomware cryptoworm that exploited the EternalBlue vulnerability in Windows. -EternalBlue was discovered by the NSA, then leaked to the public after the NSA was itself hacked -Shipping and production shut down throughout Europe, at least 16 UK hospitals closed
- #12 -Attacks concentrated in Russia, Ukraine, and India -British cybersecurity researcher discovered the malware’s “emergency shut off” switch and activated it before it spread more widely -Researchers suspect that the attacks came from the Lazarus Group, a hacking collective linked to North Korea. -Goal: Disruption, not ransom? -June 5th: DLA Piper issues “Cybersecurity Law Alert” — “WannaCry ransomware attack was just the tip of the iceberg”
- #14 -Originally reported as Petya malware, but similarities are largely superficial — thus “NotPetya” moniker adopted by some -Exploited same Eternal Blue backdoor as Wannacry
- #15 -Logikcull ran the numbers: Loss of billable hours in DLA Piper’s DC office alone could cost well over $500,000 a day. -Shore v. Johnson & Bell - client, a bitcoin exchange company, sued its attorney for poor cybersecurity, alleging the firm had committed malpractice. Case was forced to arbitration.
- #31 It is a good idea that law firms sign up for 2-factor for all services /apps that house sensitive data.