Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

State Bar of Georgia Suffers Ransomware Attack

May 4, 2022

I learned on May 3 that the State Bar of Georgia had suffered a ransomware attack. They are in the recovery process and posted the following on their website.

“The State Bar of Georgia recently learned of unauthorized access to its network. Upon learning of the unauthorized access, we immediately took steps to secure the network, a cybersecurity firm was engaged and a thorough investigation is being conducted. An endpoint detection and response system is being deployed throughout our network, which includes real-time continuous monitoring, analysis and response capabilities. We are still investigating the incident and have not determined what information, if any, the unauthorized actor may have accessed. Updates will be posted on www.gabar.org as additional information is available.

The offices are open and Bar staff is available to assist you to the best of our abilities. Access to the network, website and email is not available at this time.”

The significant point here is that the Bar apparently did not previously have an endpoint detection and response (EDR) system in place. All law firms, bar associations and other entities should have an EDR solution in place by now. An EDR (which is not overly expensive) is, in our opinion, ethically mandated as a “reasonable” step to protect confidential data.

Update on May 11: I was advised by Paula Frederick, the General Counsel of the State Bar of Georgia, that the Bar had an Endpoint Detection and Response (EDR) system in place prior to the breach. The Bar’s post did not indicate that, so I presumed they did not have an EDR. Ms. Frederick advised me that the Bar installed and deployed a second EDR.

Sharon D. Nelson, Esq., President
Sensei Enterprises, Inc.
3975 University Drive, Suite 225
Fairfax, VA 22030
Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology