ALIA is warning Alberta lawyers about a ransomware called Matrix, after an Alberta firm reported that its data had been encrypted and it subsequently lost access to client and other files. Matrix is believed to have been the cause.
Matrix is a ransomware that reportedly exploits Remote Desktop Protocol, a Microsoft network communications protocol, to access computers within a network. Once data is encrypted, a ransomware note appears instructing the user to send a small number of encrypted files (and other information) to the attacker and stating that decrypted files will be returned. Victims have reported that the ransom demand follows.
Costs of a ransomware attack can include hiring specialized IT services, replacing computer equipment, and paying the ransom. Individuals might also lose access to files permanently, and the Canadian Centre for Cyber Security (Government of Canada) has warned that payment of ransom in ransomware cases generally does not guarantee return of files or access and may even result in further extortion.
Prevention is Critical
While cyber insurance products can help address the consequences of cybercrime, they do not prevent it. There are numerous resources available for firms to develop strategies to protect themselves, including those offered by the Canadian Centre for Cyber Security and commercial service providers (for example, IT security experts). A sampling of general tips includes the following:
- Back up files on a regular basis. Ideally, backups should be diversified, so that the failure of any single point will not lead to irreversible data loss (for example, one copy in the cloud and another on an offline physical media).
- Be wary about email attachments and hyperlinks. Malware is often spread through phishing emails and hyperlinks received via social networks and instant messages.
- Protect your computer with active and updated anti-virus software, spyware filters, email filters and firewall programs.
- Patch and keep up your operating system, antivirus software, browsers and other applications. Malware often exploits security vulnerabilities in existing software, something patches can help prevent.
- Consult an IT professional as to other steps that should be taken in your systems, computers and devices. There are many specific, technical steps that should be considered, which may involve items including file sharing, remote services (including security strategies for Remote Desktop Protocol), unused connections, and enhancing the security of common applications.
- Develop a business continuity plan and incident response plan.
These are intended only as examples of steps that should be taken. You should consult an IT professional to help develop a comprehensive strategy.
ALIA’s indemnity program covers subscribers against negligence and misappropriation in accordance with the terms of the group policy, but it does not currently provide coverage against cybercrime. ALIA recommends that all lawyers in Alberta obtain cybercrime coverage.
ALIA has arranged with its Broker, Aon Reed Stenhouse, to make available a robust cyber policy for any lawyer in Alberta who wants to purchase it called the BBR Policy. More information on purchasing this insurance coverage can be obtained by emailing firstname.lastname@example.org As previously advised in our
November 21, 2018 ALIAdvisory
, cyber insurance can also be obtained from almost every commercial broker or from the Canadian Bar Insurance Association/Lawyers Financial (“Lawyers Financial”) and the Canadian Lawyers Insurance Association (“CLIA”). It is important to note that cyber products do vary and not all products provide the same coverage. ALIA encourages Alberta lawyers to consider their options for coverage.