February 27, 2020

February 27, 2020

Subscribe to Latest Legal News and Analysis

February 26, 2020

Subscribe to Latest Legal News and Analysis

February 25, 2020

Subscribe to Latest Legal News and Analysis

Can You Really Protect Against Ransomware?

We’ve written a few times recently about municipalities, companies, and government agencies hit with ransomware attacks this year. In early July, it was reported that a court system in Georgia was attacked with ransomware, causing lawyers, court employees and the public to have to rely on “old school” paper to file pleadings and keep the court system running. This got me thinking about ransomware, and then I came across a Security Tip (ST-19-01) sheet from the Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA) that I thought was worth sharing.

The tip sheet has three key suggestions to protect data and networks: back up data, store backups separately, and train your staff. Anyone who ever had a personal computer “crash” back in the day knows that having backup files is invaluable. Imagine if your entire company’s data, or your municipality’s or court system’s data were completely inaccessible. What would you do?

Being prepared by having data properly and completely backed up with files off-site and able to be restored in the event of a ransomware attack means the difference between being down for a brief period of time and being locked out of data permanently or potentially paying thousands of dollars for a decryption key that may or may not work. The federal government wants you to report ransomware attacks to the FBI and not to pay ransom at all.

Staff training is also critical, so staff is aware of all of the things that bad actors will do to try to trick people into clicking on malicious links. Simple things like calling someone to verify if they actually sent an email with new bank routing information or if they sent a request for confidential documents go a long way to protecting a company from a cyber-attack.

What else can a company do? Think about cyber liability coverage for ransomware attacks and other cyber threats. That premium payment for cyber coverage would be minuscule compared to the potential cost of a ransomware attack.

Copyright © 2020 Robinson & Cole LLP. All rights reserved.


About this Author

Deborah A. George, Robinson Cole, Cybersecurity lawyer

Deborah George is a member of the firm’s Business Litigation Group as well as its Data Privacy + Cybersecurity Team.

Deb advises clients on and focuses her practice on data privacy and security, cybersecurity, and compliance with related state and federal laws. She also has experience providing counsel in civil litigation and employment law matters.  She has significant experience offering advice and counsel on legal issues related to human services agencies, including Medicaid, as well as  drafting and reviewing contracts, business associate agreements, and data use agreements. ...