Ransomware and Cyber Extortion Process
Due to the value of their data, Law firms are a target of by online extortionists. The SafeLaw cyber extortion response team provides firms with leading technical and legal resources to help firms minimize loss from ransomware and cyber extortion threats. Randy Sabbet from Cooley LLP leads the SafeLaw cyber extortion response team. A summary of our methodology for responding to ransomware and cyber extortion threats:
The SafeLaw extortion response team includes experienced cyber extortion experts from Mandient, AVG, Verizon, and Trustwave as well as legal experts where necessary. Randy Sabbet will deploy the best technical resources to evaluate the threat. The technical experts will help the firm immediately determine the type of ransomware used or the veracity of threats to disclose data, damage electronic data or disrupt the firm’s computer system. In many cases, the extortionists will be professionals and our technical experts will be able to determine who they are, what kind of attacks they use and if they will honor their promises once paid. Our technical experts will also help the firms terminate the threat when possible, preserve evidence, and resecure the firm’s network.
Once the firm has investigated the attack, our technical, legal, and financial experts will help the firm negotiate a solution with the extortionists. In most cases, the extortionists will require payment by Bit Coin. In such cases, our technical experts will help the firm transmit payment and acquire any unlock codes where applicable. Depending on the length of time it takes to negotiate with the extortionists, our crypto engineers may be able to reverse engineer ransomware attacks or close any security vulnerabilities in the firm’s system.
Depending on the type of attack and damage caused, our cyber extortion response team will help the firm rebuild damaged or lost data, resecure the network and bring it back online.
Once the damage has been mitigated, our forensic accountants to help the firm value any losses from the attack. Most extortion attacks simply result in a loss of money and expert expenses. However, more serious attacks can result in business interruption losses, extra expense and data restoration costs as well.