BC law firm's computer system hacked by extortionist
December 31, 2014
The Law Society has been advised that a BC law firm found that its computer system was hacked and paralyzed by a computer virus known as the Cryptowall Virus when the staff showed up for work on Monday, December 29, 2014. Notices appeared on some of the firm’s computer monitors stating “Your files were encrypted and locked with a RSA2048 key.” The firm was advised to contact an address within 12 hours and pay an extortion fee to have the encryption unlocked. The notices further advised that if the firm did not pay the fee within the stipulated time, the fee would double. Finally, without payment, the files would be “irrevocably broken” after 30 days. The firm sought the help of its computer technician and did not pay the ransom or click on links provided by the extortionist regarding payment that may have exposed the firm to other risks. The firm had backed up its information and with the aid of professional technical assistance, was able to resume operations with systems running normally. The firm contacted the police who provided the firm with information about the virus which was likely transferred through an email attachment.
Lawyers are reminded to take steps to protect their computer systems, including regular back-up procedures, and not to open suspicious emails and attachments. Obtain professional technical help to protect confidential information if you do not have the expertise within your firm. Also, insurance can be purchased to protect against cyber risks, and certain excess policies provide some aspects of this coverage.
See section 3.3 of Code of Professional Conduct for British Columbia regarding a lawyer’s obligations to keep a client’s information confidential and Law Society Rules 10-4 to 10-5 regarding records and security of records. Also see Making your e-communications secure in the Fall 2014 Benchers’ Bulletin and Practice Watch in the Winter 2014 Benchers’ Bulletin detailing common scam attempts against BC lawyers and new professional obligations regarding the security of records. If you have questions about your professional obligations, please contact the Practice Advice department.