Introduction
In an era dominated by technology, the cyber threat landscape is evolving at an unprecedented pace and is posing significant challenges for all industries in Canada. The evolution and reliance on technology exposes us to significant risks – in particular, ransomware. Ransomware remains a top cybercrime threat for critical infrastructure in Canada,[i] and it is critical for law firms to understand and take action to mitigate the risk.
What is Ransomware?
Ransomware is a subset of malware; malicious software designed to infiltrate a computer system. It aims to limit an individual’s access to data or systems by encrypting information and blocking individuals from logging into devices, until a sum of money is paid to the threat actor.[ii] There are a few notable cybercrime groups that engage in “ransomware-as-a-service” business, which is selling ransomware to other threat actors.[iii] For example, in spring of 2024, the LockBit group claimed responsibility for a cyberattack on London Drugs, a Canadian pharmacy, threatening to publish stolen information after failed negotiations for ransom. Information stolen may have included employee data and corporate files.[iv]
Ransomware has evolved as a threat, particularly in the last couple of years. Artificial intelligence tools have not only been used to generate large quantities of malicious code quicker, but to deploy certain social engineering techniques, like phishing, at a greater scale and in a sophisticated manner.[v]
Cyber vulnerabilities that can make experiencing ransomware a heightened possibility includes outdated software, human errors, and poorly configured data systems. However, these issues can be mitigated against with a few simple steps.
Protecting Against Ransomware Attacks
What Steps Should Your Firm Take?
- Conduct a cybersecurity audit: Identify potential vulnerabilities in your systems, and address gaps as soon as possible.
- Invest in robust cyber defences: Investing in cyber defences, such as firewalls for network security, enabling multi-factor authentication across the IT environment and ensuring software remains updated can help reduce the risk of cyber-attacks and, in the event a breach occurs, help contain the damage.
- Prioritize employee training: Providing employees with cyber training can decrease the chances of falling for phishing emails that could lead to malicious downloads. This includes encouraging employees to use strong, unique passwords.
Conclusion
Ransomware attacks present unique questions to lawyers on liability and risk allocation; whether fault lies with the firm, third-party vendors, or employees in the event of a data breach caused by cyber criminals. In addition, confidentiality and data security that lawyers and law firms are entrusted with emphasizes the importance of addressing cyber vulnerabilities. Cyber incidents can freeze a law firm’s operations, lock clients out of critical information, expose client confidential information and lead to reputational damage.
Although these threats persist and are likely to remain so for the next few years, it is important to understand what can be controlled. Staying current and informed of cyber threats is not an option for lawyers. It is a necessity in order to maintain a cybersafe legal practice.
Any article or other information or content expressed or made available in this Section is that of the respective author(s) and not of the OBA.