as zip files) containing executable files
before they reach a user’s inbox.
• Keep operating systems, browsers
and browser plug-ins, such as Java and
Silverlight, fully updated.
• Program hard drives on your computer
network to prevent any unidentified user
from modifying files.
• Regularly backup data with media not
connected to the Internet.10
Other computer security experts
stress education. Authors of the ABA
Cybersecurity Handbook note the following:
• “First…personnel education is critical
to any effort to ensure adequate network
security.”
• “Second, law firms may need to go
beyond educating their lawyers and staff
by setting policies restricting certain uses
of technology.”
• “Third, law firms should discuss with
clients the clients’ expectations regarding
data security.”
• Fourth, law firms should consider
bolstering their overall information
security programs.”
• “Finally, law firms should acknowledge
reality: No security system is guaranteed
to be impenetrable.” Because breaches
in security will occur, it is important not
only to minimize the likelihood, but also
to be able to mitigate the impact.”11
PC Magazine Encyclopedia, available at http://www.
pcmag.com/encyclopedia/term/55712/ransomware
2
See e.g. Software security company Trendmicro’s
definition and description of the malware, available
at http://www.trendmicro.com/vinfo/us/security/
definition/Ransomware
3
Dysart, Ransomware Software Attacks Stymie Law
Firms, ABA Journal, June 2015, available at http://www.
abajournal.com/magazine/article/ransomware_software_
attacks_stymie_law_firms
4
Id.; Waugh, American Law Firm Admits Entire Server
of Legal Files Fell Victim to Cryptolocker, available at
http://www.welivesecurity.com/2014/02/10/americanlaw-firm-admits-entire-server-of-legal-files-fell-victimto-cryptolocker/