Lawyer’s Mutual of North Carolina has posted the following warning about law firms being targeted in “ransomware” scams. We’ve seen firms in Ontario fall victim to this type of cyber attack. You can read more about ransomware and other kinds of malware in this previous post.

Put Your Hands in the Air and Give Me Your Bitcoin

A few North Carolina law firms have become victims of the latest cyber threat – ransomware.

You’ve heard of malware which is software intended to damage or disable computers. Ransomware is software designed to block access to a computer system (hold your client files hostage) until a sum of money is paid. If the money isn’t paid, your files stay encrypted forever.

The makers of ransomware appear to have increased their activity as more law firms report being hit.

Many malicious computer attacks require that the user click on something. However, the most recent versions have been using digitally signed certificates to appear authentic to security programs. Then, the ransomware is embedded within advertisements on websites. This has allowed them to evade detection by most anti-virus products while requiring little or no action by the user in order for the virus to be downloaded.

We have received a report of the virus being installed when a user visited a legitimate website and an infected advertisement on that website began automatically running, which downloaded the virus.

What you can do to reduce your risk:

  • Make regular backups of your data system and do not have them accessible through your network. Some options include daily or real-time cloud-based backups or nightly serial backups onto an external drive that is disconnected when not backing up the system.
  • Install an ad blocker plug-in on your web browser such as Adblock Plus.
  • Keep your web browser up to date.
  • Keep your anti-virus software up to date.
  • Enable the “Click to Play” feature on your internet browser and for any plug-ins.
  • Be vigilant about the websites you visit.
  • Think before you click – some viruses are disguised as security alerts such as telling you there is a virus on your computer, exploiting your desire to click on the window quickly to get rid of it…only to then find that it was a trap.
  • Do not click on advertisements – rather go to the company’s page by typing in its normal web address URL.
  • Avoid clicking on links in suspicious emails.
  • Do not download attachments unless you are sure of their source and content.

If you are a victim, the FBI’s recommended course of action is to “scrub your hard drive and restore encrypted files from a backup”. It is also recommended that you file a complaint with the Internet Crime Complaint Center (IC3) at