Cybersecurity 101: Malware Basics For Lawyers

July 16, 2020

While most legal staff aren’t expected to be extremely tech savvy, there are certain cybersecurity fundamentals that all lawyers should have an understanding of. From being able to spot an email phishing scam to knowing how to set up a strong password, grasping even the basics can help your law firm stay safe against data breaches.

One basic cybersecurity tip is knowing what malware is, how it operates, and the different types of malware that are out there. And if you work at a law firm, malware is definitely targeting you. Between the courts, prosecutor’s offices, and many other legal organizations, law firms top the list when it comes to being victim of a ransomware attack, with 61.36% of attacks on the legal industry targeting firms specifically. Firms of any size and scale can be victims, too. In fact, just a few months ago, Manhattan-based entertainment law firm Grubman Shire Meiselas & Sacks was the subject of a ransomware attack that saw 756 gigabytes of celebrity data stolen off their network. But ransomware is not the only threat out there. In fact, there are a plethora of security threats that can bring your firm to a standstill if your firm isn’t proactive enough about their cybersecurity.

An Explanation of Malware

Malware is essentially malicious software that is written with the aim of damaging computing devices.  Examples of malware include ransomware, spyware, trojans and viruses. Most malware is developed with the intent of being sold on the Dark Web or by being spread rapidly between computer systems. However, some are created for other reasons: as a vehicle for protest, as a digital weapon for political purposes, or as a means of testing an organization’s cybersecurity system.

Malware in Its Many Forms

Viruses are actually pretty common.  Similar to traditional viruses that harm the human body, the digital variety latches onto otherwise-clean files and infects them.  Unfortunately, viruses can spread uncontrollably, compromising the core functionality of the system, corrupting files or even outright erasing files.  The typical virus manifests itself in the form of an executable file, also known as an .exe.

Another type of malware is Adware, an aggressive form of advertising software that sabotages systems to serve up intrusive and malicious advertisements and popups. Adware can be incredibly frustrating and downright annoying to deal with, but they are often not as harmful as other types of malware.

Additionally, there are also Botnets, which are best described as entire networks of compromised computers.  These networks are designed to function in unison while being controlled by an attacker.

Trojans, on the other hand, are a type of malware that conceals itself as supposedly legitimate software or is concealed within seemingly legitimate software that has actually been compromised.  Trojans act in a secretive manner, generating back door entrances into systems and networks to permit other malware to enter.

Worms are especially problematic in that they infect full networks of devices, be it across the web or locally.  Worms wreak havoc with the use of network interfaces.  Sadly, once a single machine is infected, it is likely to spread the infection to additional machines at your law firm.

Stay Protected

No matter which form of malware you are dealing with, it’s important to remain vigilant and be proactive about your firm’s cybersecurity. Question everything that you interact with while browsing the Web, don’t open suspicious email links or attachments, and always keep your machine’s operating system up to date. By following just a few basic security guidelines, your firm will be that much safer against crippling cybersecurity attacks and data breaches.

Still worried about your readiness to deal with a data breach or malware? We can help. Rekall safeguards over 150 law firms nationwide. Learn more about how we can protect your law firm here.