Law Firms Are the Latest Victims of Maze’s Ransomware and Extortion Attacks

Close up of a lot of law reports in libraryWith five law firms hit within just the last week, the Maze ransomware is making itself known and should be a warning to any and all legal firms that preventing an attack is paramount.

One of the foundation elements of a law firm is the concept that clients entrust their secrets to be held in confidence. So, it makes sense the data stored at legal firms can contain information that neither the firm nor its client want to be made public. It’s the perfect target for Maze ransomware; with their modus operandi to use both data exfiltration and encryption, along with the threat of making the data public should the ransom not be paid to double their chances of payment, and law firms are squarely in the crosshairs of a scenario they never want to find themselves in.

The good news is the bad guys – like Maze and DoppelPaymer, REvil, and others – all need access to your network and use phishing attacks as their attack vector. That means you have a known method of entry and can take specific precautions to shore up security there. This includes:

  • Disable macros – and keep them disabled. Often, a macro within an office document attached to an email is the delivery mechanism. But with macros disabled, there’s no ability to launch the code, leaving the malicious attachment benign.
  • Scan your email – using a layered approach, leverage multiple solutions that scan email for malicious attachments, links, etc. This includes email gateways, endpoint-based anti-malware, and endpoint protection solutions.
  • Train your users – to be wary of suspicious, unusual, or otherwise out-of-the-ordinary emails via Security Awareness Training. Literally anything that seems out of place at all or uses language that denotes an elevated level of urgency should be a red flag for at least some degree of additional scrutiny.


Ransomware Has Gone Nuclear, How Can You Avoid Becoming The Next Victim?

There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff.

After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

GoneNuclear-WEBINARJoin us for this webinar where, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, dives into:

  • Why data backups (even offline backups) won’t save you
  • Evolved threats from data-theft, credential leaks, and corporate impersonation
  • Why ransomware isn’t your real problem
  • How your end users can become your best, last line of defense

Watch Now

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Ransomware Has Gone Nuclear Webinar

Get the latest about social engineering

Subscribe to CyberheistNews