"AvoidAClaim" Blog

LAWPRO's blog helps you avoid legal malpractice claims
Subscribe

Computer virus locks up American law firm’s files

February 27, 2014 By: TimLemieux Category: Fraud prevention, Technology

The ABA Journal has a story about a law firm falling victim to a cyber attack that locked up the firm’s computer files for ransom. Here’s the text of the article:

The good news: No law firm or client data was taken.

The bad news: Attorney Paul Goodson and his staff can’t access his Charlotte, N.C., law firm’s files after they were locked up by a computer virus, WSOC reports.

Like other businesses in the city, the firm was targeted via email. Once an attachment was opened, the Crypto Locker virus took over. Thousands of documents stored on his computer were made inaccessible, he tells the station, explaining: “It was actually an email that looked like it was coming from our phone system because our system sends voice mail messages as an attachment.”

When his information technology department couldn’t resolve the problem, Goodson tried to pay the $300 fee hackers had demanded to get his files unscrambled. But by then, the ransom offer had expired.

Detectives with the Charlotte-Mecklenburg police department don’t recommend making such payments but say they know of at least 30 cases in which the ransom was paid and the files were released. Meanwhile, the hackers reportedly have made some $30 million through the scheme.

Police say businesses that haven’t yet been targeted can protect themselves by doing regular file back-ups. They also recommend immediately turning off any infected computer and disconnecting it from the office network.

“Ransomware” infections are becoming much more common recently and are usually spread by infected email attachments or website links that trigger a download. The most common type, Cryptolocker, will scramble all the data files on your computer with virtually unbreakable encryption. You learn you are infected when a pop-up window tells you that your data has been scrambled and will be deleted unless you pay a ransom within a very short period of time, typically 48 hours or so. The ransom is typically in the range of $100 to $300 and payable only in Bitcoins, a type of virtual currency that makes payments untraceable. It is a relatively low amount so you have an incentive to pay it as a nuisance; but as you are dealing with criminals, paying it does not guarantee that you will get your data back.

This story serves as a reminder to be vigilant about email attachments and the risks they can pose, as explained in the articles Avoid the Dangers of Email and Would You Take the Bait in a Phishing Scam? from the latest issue Cybercrime issue of LAWPRO Magazine.

And from the same issue, this article explains the importance of Being Ready with an Incident Response Plan.

Print Friendly

Leave a Reply