Ride the Lightning

ABA Provides FBI Cyberalert to Law Firms Regarding Ransomware

April 21, 2016

Ransomware is an epidemic these days – and law firms have been hard hit. The ABA has e-mailed its members including a link to a Ransomware Information Sheet. The document presents very useful information about ransomware and how to prevent an infection. I found the following language entertaining.

"The FBI does not advocate paying a ransom to an adversary. Paying a ransom does not guarantee an organization will regain access to their data. In fact, some individuals or organizations were never provided with decryption keys after paying a ransom. Paying a ransom emboldens the adversary to target other organizations for profit and provides a lucrative environment for other criminals to become involved. Finally, by paying a ransom, an organization is funding illicit activity associated with criminal groups, including potential terrorist groups, who likely will continue to target an organization. While the FBI does not advocate paying a ransom, there is an understanding that when businesses are faced with an inability to function, executives will evaluate all options to protect their shareholders, employees, and customers."

The FBI obviously gets the fact that law firms will indeed pay the ransom if they cannot restore data from a clean backup. And the truth is that, once the ransom is paid, most cybercriminals will provide the decryption key. There is no honor among thieves, but they are (by in large) smart enough to realize that their income depends on people knowing that paying the ransom will generally be a successful means of getting the data back.

E-mail: Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq
www.linkedin.com/in/sharondnelson