I drove past a gas station in my neighborhood today, and I was surprised to see that the price for a gallon of regular gas is north of $3.10, considering last week the price was right around $2.65. Turns out, these prices are fallout from a ransomware attack on the Colonial Pipeline, the biggest refined products pipeline in the United States.
Ransomware is now the biggest cybersecurity concern for chief information security officers around the globe, who say they are unprepared for an attack. Experts are convinced that with the transition to remote work and digitization in all industries, cyberattacks will grow. In October, Seyfarth Shaw LLP and Fragomen, Del Rey, Bernsen & Loewy LLP both disclosed security incidents, and, given what we know, there will be more of these incidents in the future. If a huge system like Colonial Pipeline’s is vulnerable, our law firms and small practices are that much more so.
So what can you do? Start now with simple steps like ensuring you are the only one using your devices. If possible (and this may be impossible these days) have discrete devices for work and home. Do not (really don’t) reuse the same password for multiple accounts. Get a password manager and change passwords regularly. And don’t share your passwords (or tape them to your monitor or under your keyboard). For a more robust response, Lexology has a list of seven questions a law firm or law office should address in order to develop an effective cyber hygiene program.
More information on how to secure your law firm can be found at the following resources: