Law Practice Management Tips

Data Backup Quick Tip—Simple as 3–2–1

Posted By Danielle M. Hall, Tuesday, October 29, 2019

With Cybersecurity Awareness Month coming to a close, now is a good time to look at your data backup processes to determine if you are in the best position should you ever suffer a breach, security incident, or even a systems problem such as a hard drive or server failure.

A common approach to data backup is to follow the 3-2-1 rule. This time-honored strategy means having at least three copies of your data, two of which are local but on different media, and at least one copy offsite. To learn more about backing up your data, visit the KBA member benefit partner ALPS for a five-part series on data backup featured on the ALPS blog.

Tags:  ALPS  Author: Danielle M. Hall  cybersecurity  data backup  KBA member benefits 

Cybersecurity Awareness Month – Now is the Time to Look at Your Cybersecurity Policies and Plans

Posted By Danielle M. Hall, Tuesday, October 8, 2019

In honor of October being Cybersecurity Awareness Month, I suggest now is a good time to look at your cybersecurity policies and plans to see if they need updating. It is recommended that you update your policies and plans on a yearly basis, especially if you have made any changes or upgrades to your systems or bought any new products that may need to be addressed. Since we are approaching the end of 2019, what better time to review your policies and plans than during Cybersecurity Awareness Month. If you don’t have a plan or policies in place, now is a good time to create them.

There are great resources available that can help you create a plan for prevention, detection and response. For instance, the National Institute of Standards and Technology (NIST) has readily available resources on its website, including its Cybersecurity Framework, based upon existing standards, guidelines and practices, for reducing cyber risks.

Another great resource specifically for law firms is the ABA Cybersecurity Legal Task Force. You can find items such as a third-party vendor cybersecurity checklist, podcasts and articles related to law firm cybersecurity policies, and much more. I also encourage you to read ABA Opinion 483, which discusses a lawyer’s obligation after an electronic data breach, and ABA Opinion 477R, which discusses securing communication of protected client information.

If you are a government lawyer and are looking for resources on cybersecurity, I highly suggest you look at the International City/County Management Association’s website. They have a whole section devoted to cybersecurity resources in relation to local governments.

Stay tuned for more cybersecurity tips coming throughout this month on the blog.

Tags:  Author: Danielle M. Hall  Cybersecurity  Cybersecurity Awareness Month 

Cybersecurity Tip: Scan Your Samsung Smart TV for Viruses

Posted By Danielle M. Hall, Tuesday, June 18, 2019

Samsung recently posted a tweet revealing that it is possible for your smart TV to get a virus, just like a computer. The original tweet has since been deleted; however, there is a video on the company’s website detailing how to check your Wi-Fi connected Samsung smart TV. You can view the video here. Should you have one of these TVs in your office or home, you need to scan the TV for viruses on a regular basis.

Tags:  Author: Danielle M. Hall  computer virus  cybersecurity  Samsung  TV viruses  virus  Wi-Fi 

ABA Releases Ethics Advisory Opinion on Cybersecurity

Posted By Danielle M. Hall, Tuesday, October 30, 2018

The American Bar Association recently released ABA Opinion 483, Lawyers’ Obligations After an Electronic Data Breach or Cyberattack. The opinion points out that a lawyer has a duty to keep clients reasonably informed about the status of a matter and to explain matters to the extent reasonably necessary to permit a client to make an informed decision about the representation. See KRPC 1.4.

As a result, under these provisions, a lawyer has a duty to communicate with current clients about an occurrence of a data breach. Lawyers should also be aware of their duties to past clients, and their duties of competence and confidentiality when it comes to the use of technology and cybersecurity.

To read the opinion, visit

Tags:  Author: Danielle M. Hall  cybersecurity 

Cybersecurity Awareness Month

Posted By Danielle M. Hall, Tuesday, October 16, 2018

By , Deputy Disciplinary Administrator, Office of the Disciplinary Administrator

Considering October is Cybersecurity Awareness Month, I thought this would be a good time to provide some resources to help others with developing and implementing a cybersecurity plan. With new data breaches popping up on a constant basis, it is important for lawyers to understand that they are not immune from cybersecurity issues. In fact, law firms are especially vulnerable to data breaches because of the sensitive data they handle.

Because data security is more important than ever, lawyers should take the time to develop and implement a cybersecurity plan. Below you will find resources that can help. The first resource on the list, the NIST Cybersecurity Framework, is the “go to” resource for developing a plan. Additional resources include information from The Kansas Small Business Development Center and the American Bar Association. The Kansas SBDC resources include a cybersecurity assessment you can take to identify your areas of strength and weakness in your current cybersecurity policies and procedures.

Today, the new mantra in cybersecurity is not if an organization will be breached, but when it will be breached. Now is the time to start recognizing that cybersecurity isn’t just an IT problem anymore, and everyone in your organization plays a role in keeping your client data protected.

Cybersecurity Resources:

Tags:  Author: Danielle M. Hall  cybersecurity  Cybersecurity Awareness Month  Danielle M. Hall  Tech Tip  Weekly10162018 

Tips for Detecting a Phishing Email

Posted By Danielle M. Hall, Tuesday, July 24, 2018

By Danielle M. Hall, Kansas Bar Association 

When presenting CLE on data breaches, I often explain when talking about phishing that we’re not talking about the kind you do on a Saturday afternoon at the lake. Instead, we are talking about a cyber-attack that uses email as a weapon.

The goal of a phishing email is often to trick the recipient into clicking malicious links, downloading infected attachments, or sending sensitive information. For instance, when an employee clicks on a link or an attachment in a phishing email, malicious software can be installed on the computer. This could lead to malware spreading to other devices, captured passwords, stolen files, or even those files being held for ransom. Instead of trying to break directly into servers, criminals are using, and betting on, social engineering to gain access to your information. We read and open email communication all the time. As a result, human psychology is a prime target for criminals to gain access to our accounts, to our computers, and to our data.

According to the 2018 Data Breach Investigations Report by Verizon, almost half of all malware is installed via email, and falling victim to a phishing email can have major consequences such as significant downtime, loss of access to data, and even the need to replace computer equipment. To avoid these situations, one must educate oneself on what email phishing is and how to recognize it. Below you will find 5 tips for recognizing a phishing email.

  1. Inconsistencies in Email Addresses and Domain Names. Always check the email address of the sender to see if there are any inconsistencies. For instance, the email may imply it is coming from a company such as Apple; however, you might see that the email address is coming from a Gmail account. Another scenario is where the username in the email address uses the company name, but it is misspelled. Finally, make sure to look at the domain name to see if it matches up to the username. An example would be Clearly, this would not be from Apple.
  2. Inconsistencies in Links. If you receive an email asking you to click on a link, a good method to employ is hovering over the link to see where it will take you. The key to this technique is to not click on the link while doing it. If you hover over a link that is supposed to take you to a Google Doc, but instead the link says it will take you to, this is a clear sign of a phishing email. Recently, I have seen emails that appear to be a Microsoft SharePoint email, but were actually phishing emails. When you hover over the link, the word SharePoint is in the link; however, it is followed by words that don’t match up. Even though SharePoint’s name was in the link, what followed was an indicator that it was a phishing email. So, make sure to pay close attention to the link when hovering.
  3. Demands Urgent Action and/or Seeks Personal Information. “Update your information or your account will shut down in 24 hours.” This is a good example of a social engineering technique used by criminals to prompt email recipients to provide personal information. These emails can often create a sense of urgency and should be warning signs to you that the email is probably fake. Using common sense in these situations will go a long way. If you are unsure about a request made, the best thing to do is pick up the phone and call to verify the email before providing any information.
  4. Includes an Impersonal Message. Phishing emails will often use greetings such as “Dear Account Holder/User,” “Dear Sir or Madam,” or may not even have a greeting at all. This could be a sign the email is a phishing attempt.
  5. Includes Poor Spelling and Bad Grammar. Major companies take the time to ensure their communications contain proper spelling and grammar. Most won’t message their customers without a few rounds of editing. So, if you spot something misspelled or the email is filled with grammatical errors, you can be confident the email is more than likely a fake.
  6. Includes Too Good to Be True Offers. If you receive an email that offers some sort of incentive to click on a link or download an attachment, and the offer seems too good to be true, that email is probably a scam. The likelihood that it is a phishing email goes up if it comes from an unrecognized sender or the recipient did not initiate the contact.

While this list gives you some examples of what to look for, remember cyber criminals are always coming up with new methods of attack. The best thing to do is take time to review emails carefully, use common sense, and if anything looks off, don’t click. Ultimately, taking a second to review the email before you click will save you both time and potentially money in the long run.

Tags:  cyber criminals  cybersecurity  phishing 

Five Benefits of Using Cloud Computing for Law Firms

Posted By Sara E. Rust-Martin, Friday, March 23, 2018

Today's blog was contributed by Tim Atmar of CyberlinkASP:

Cloud computing, or Desktop as a Service (DaaS), has been growing in interest and use among law firms of all sizes, largely due to the continued development of the Cloud and better security features. Our Legal DaaS is available in a variety of different configurations based on a firm’s needs and requirements, and each of your hosted virtual desktops can be customized to individual users.

Five benefits your Firm can gain with Legal DaaS:

  1. Cost Savings– Instead of budgeting for hardware upgrades, server patches or replacements, your firm only needs to budget for DaaS subscriptions which include all your applications (including your document management and time & billing software), your data, Microsoft office suite, Outlook exchange and a host of security and compliance features.
  2.  Managed IT– With our US based support, your firm will have 24x7 access to our award-winning service team to ensure your network, applications, printers, etc. are operating at peak performance.
  3.  Mobile Access– Your employees can access their virtual desktops from anywhere over the Internet. In addition, virtual desktops can be accessed from a variety of devices, including smartphones and tablets.
  4. Data Saved in a Central Location– All files and data are stored in a central location rather than on multiple local workstations, and it is backed up on a regular basis, further reducing the risks of data loss from hardware failure.
  5. Cybersecurity and Compliance– Our Legal DaaS gives your firm the ultimate in security and compliance. Your data is protected by a Fortigate network with a complete team of security professionals monitoring links and intrusions. The Legal Cloud is HIPAA, SOX and SSAE16 compliant and audited annually for your firm’s protection.

To learn more about our Legal DaaS and application hosting solutions for your firm, call Tim Atmar at CyberlinkASP at (512) 574-1594 or go to More Information.

Tags:  Cloud Computing for Law Firms  CyberlinkASP  cybersecurity 

5 Cybersecurity Steps You Should Already Be Taking

Posted By Sara E. Rust-Martin, Tuesday, January 16, 2018

If you have not noticed yet, the ABA Journal is undertaking a yearlong cybersecurity series.

Our intent is to explore this complex and tangled issue piece-by-piece to make sense of the current thinking around data protection, legal ethics and regulation.

Admittedly, these articles are often a bird’s eye view of an issue that affects every person and business a little bit differently. Additionally, targets (that’s you) experience online threats differently based on who they are and what data they have. This makes it hard to promote one-size-fits-all recommendations.

To overcome some of the amorphousness that surrounds this topic, we wanted to provide a more concrete checkup that anyone, attorneys to zookeepers, could benefit from.

This checklist comes with the usual disclaimer that you should engage in a threat assessment of your own situation to know what is the best way to protect your data. Further, these are not foolproof recommendations. Nevertheless, if you are not doing the things below, you are likely less safe for it.

    1. Have you been pwned? It is pretty safe to say we have all been hacked or compromised at this point. Between the breaches of Equifax, LinkedIn and Yahoo, information from billions of accounts has spilled out into the world. But were you one of them? While it is impossible to be 100 percent certain, there is one way to see if your account information has fallen prey to a hack. By going to, you can type in your email addresses or usernames to see if they come up in the site’s database of publicly known hacks. If a hack has occurred but it has not been verified or made public, then the site will not have that information. However, it is a good first step to know if your passwords have been compromised.

    2. Consider a password manager. If your email address came up on haveibeenpwned, your palms are probably sweaty and fear has overtaken you. This is normal, but not necessary. Let us channel that nervous energy towards getting serious about passwords. Even the grinning readers who did not see their email on the website should follow along. A password manager will help you store your bevy of passwords, which should all be as unique as a snowflake. No longer will you need gimmicks to remember which password had an exclamation point or the capital “T” in it. The manager will handle that for you. While not hawking particular software, the Electronic Frontier Foundation has some handy questions to vet a company promising you security:

    • Is the company clear about the limitations of its product? Do not trust companies that promise the world or use buzzwords like “military grade.” That is gibberish and should be discounted.

    • Does the company share its threat model in case of a compromise? Mature companies who trust in their product will be transparent about the attacks they are prepared for and how they are prepared. Look for this documentation.

    • Does the company say it cannot or will not access your data? You might have to read the terms of service, but companies that cannot access your data by design are better. “Will not” leaves the backdoor ajar.

    • What do users say? Like everything else, you can find online reviews of password managers. Do people still trust the tool? Has the company made unfortunate headlines recently? These are all things to consider in your decision.

    When you are thinking about which manager to use, Princeton’s Center for Information Technology Policy found that the password managers that come default in many browsers are being used by ad trackers to scoop up your data.

    3. Treat yourself to better passwords. It is 2018, and a password under seven characters that combines your dog’s name and your birth year is not sufficient. Nor is it cool that you have a dozen passwords that are permutations of each other. While a password manager (see above) will help keep your online life in order, you still need quality passwords to make the software worthwhile. The National Institute of Standards and Technology updated its password guidelines last year, and it recommends that you create a strong password, or longer passphrase where possible, that avoids the maddening nature of passwords with upper-case, special symbols and numbers. Think of a line from a book or song that is not that popular and easy for you to remember. This is especially important for master passwords to things like that new password manager you got after reading this article. Also, unless you are breached, NIST no longer recommends making periodic changes to your password. If it is not broke, do not fix it. Last, NIST recommends avoiding password hints or knowledge-based authentication, which brings us to…

    4. Two-factor authentication! I hope that when you saw that header, you smugly thought to yourself, “I already do that.” If so, you’ve graduated to step five. However, if you do not know what two-factor authentication is, keep reading. Two-factor authentication is a two-step process to signing into an account. Instead of merely typing your password and logging in, two-factor will send you an email or text message with a unique passcode to enter before you can access your account. The hope here is that if your password is compromised, you have a second line of defense. All major companies have two-factor now, so take advantage of it. (For a list of sites with two-factor authentication check out 

    5. Encrypt your devices. While the word “encrypt” can sometimes make people feel uneasy, it has become a painless, low cost way to protect your information. Doing so can make you feel slightly more secure if you lose or misplace your device. Android, Apple and Microsoft now all have turnkey encryption for their devices. For Android Pixel, Samsung Galaxy S8 and later phones, they come encrypted. For iPhone users, it is as easy as turning on your passcode, which Apple says 89 percent of its customers already do. Windows, as well, makes it easy to turn on BitLocker, their encryption service. With this step, do not forget to also encrypt external storage devices you use for documents or pirated MP3s from college.

With all of this being said, stay vigilant. As a digital consumer, you are constantly playing defense against an ever-evolving offense. While these tips work for today, they may not in the future. To keep abreast of changing threats and best practices, keep track of the Journal’s ongoing series and other trustworthy news sources.

Tags:  cybersecurity  Legal Technology 

Have You Considered Adding Video Conferencing to Your Practice?

Posted By Sara E. Rust-Martin, Thursday, November 9, 2017

According to a study conducted by the Legal Resource Technology Center of the American Bar Association, only about 20% of lawyers were using video conferencing in 2016. And, of those 20%, only about 4% were using video conferencing regularly. But, when compared to other businesses, that is far below average. Why? The study didn't reach that far, but there are several reasons why attorneys may not be using video conferencing. They may be skittish about the technology, unsure about the security features, and unclear about how to make client confidentiality work in the context of both technology and security. But, other businesses are using these tools regularly because video conferencing can reduce travel and other related costs by as much as 30%.

Video conferencing comes with many benefits, particularly in a rural state such as Kansas where traveling to meet with clients can be costly and transportation can be an issue for many clients. Setting up video conferencing in one’s office can allow an attorney to meet with more clients in one day than would be possible by travel alone. And, it can allow the attorney to cover a wider catchment area as well, thereby potentially meeting needs in underserved areas.

The most important question to ask when considering video conferencing is what am I wanting this service to do for me? This question will allow you to sort through potential products and services out there in the realm of video conferencing to find the one that works best for you.

• Do you want to collaborate on documents with clients, share screens, and chat with clients and participants while on the conference?

• Will you use one room in the office for video conferencing that will remain set up with all of the necessary tools or will you be carrying your laptop around to do video conferencing on-the-go?

• Are you looking for a cloud-based service and, if so, what questions do you need to ask to know what happens after the call(s) – where is the data stored and what type of security is used?[i]

Additionally, the attorney will want to consider the cost of the product. There are some free products out there, but not many. A few, such as Zoom, will allow you to use the product for free up to 40 minutes and up to 50 participants, but if you want to add the additional features, support, and functionality, then you must pay for the service. And, this is true across the board. In order to have access to increased functionality and features, the attorney will need to pay for the service and the product.[ii]

When selecting a product, be sure to pick a tool that is easy to use. You will need to be competent on this tool so by picking one that is easy to master you will better ensure your ability to reach the level of competence. Also, your clients will need to use this product and if there is an excessive amount of downloading and technological sophistication needed to use it then you may have upset clients and decreased satisfaction with your services.

Support is an important feature to think about when considering video conferencing. Paying for a product will increase the accessibility to support and this will allow the attorney to focus on being the attorney on the call and not the tech expert. Thus, if the client has trouble logging in, or there is a problem with the platform, then there is someone else to call other than the attorney having to try to troubleshoot all of the tech issues along with the legal ones.[iii]

Some accessories may be necessary to make your video conferencing services flow. You will need a computer, security software, and the video-conferencing service. Zoom, Google Hangout, Skype for Business, WebEx, and Go-to-Meeting are just a few of the services on the market today. You will want to explore the products available to find the right fit for your practice. Additionally, when setting up video conferencing in your practice you will want to make sure you have a high-quality webcam and headphones. Even if you are the only one in the room, or in the building, you may want to use headphones. Oftentimes, speaking directly toward the computer can leave a muffled echo that does not sound professional. You will want to test your sound quality prior to the first video conference with a client.[iv]

When considering any type of technology every attorney must consider the implications to client confidentiality. Given the range of ethical issues raised by using technology in a law practice, we must always try to identify appropriate security measures to keep client information safe and protected. Here are a few questions to ask regarding technology and data security at your firm:

• Are your physical, organizational and technological security measures adequate?

• Are you using firewalls and intrusion detection software appropriately?

• Are you using anti-malware software appropriately?

• Are there firm policies in place regarding technology use?

• Are firm lawyers and staff given adequate technology training?

• Do you have measures in place to ensure data integrity?

• Is your data backed-up?

• Are your passwords, other access restrictions and authentication protocols sufficient?

• Do you use encryption, where appropriate?

• When discarding equipment, do you take appropriate measures to guard against unauthorized disclosure of client information?

• Is there an incident response plan in place at your firm?[v]

Once a choice is made regarding a type of security, a video-conferencing product, and the place and type of storage for client information, all of this information should be listed in the client engagement letter providing notice to clients about how and where their information will be kept and secured by the firm.

Video conferencing can open your practice to new areas, new clients, and new possibilities. While there are many things to consider before jumping in to video conferencing, it can be an exciting opportunity to grow your practice. Before starting, you will want to remember to arrive at your conference early, every time, because software glitches happen, and you want to be prepared. If you are early to the conference, then you have a chance to troubleshoot problems and glitches. And, remember if you are on the screen, or in the room, then people can see you. You are always visible during a video conference, so be prepared to watch your mannerisms and facial expressions and be “on” for the entire call. [vi]

If you have any questions related to video conferencing, contact Sara Rust-Martin, KBA Law Practice Management Attorney, 785-861-8821, or

[i] Why Video Conferencing Belongs in the Law Firm. Law Technology Today. (May 12, 2017).

[ii] Why Video Conferencing Belongs in the Law Firm. Law Technology Today. (May 12, 2017).

[iii] Why Video Conferencing Belongs in the Law Firm. Law Technology Today. (May 12, 2017).

[iv] Why Video Conferencing Belongs in the Law Firm. Law Technology Today. (May 12, 2017).

[v] Legal Ethics in a Digital World, The Canadian Bar Ass’n (2014).

[vi] Why Video Conferencing Belongs in the Law Firm. Law Technology Today. (May 12, 2017).

Tags:  cybersecurity  data protection  legal technology  Video Conferencing 

Cybersecurity Alert: All 3 Billion Yahoo! Accounts Breached

Posted By Sara E. Rust-Martin, Thursday, October 5, 2017

If you have email affiliated with a Yahoo! Account, be sure to check it if you haven’t already.

Yahoo started sending out notifications on Tuesday that a September 2016 breach was greater than originally thought.
Today, Yahoo account holders should follow these steps from PC World and CNet. Users should also evaluate their options and consider migrating to a different email platform. CNet shows users how to import  data from Yahoo to a Gmail account or users can follow these tips from UpTime JurisPage to set up a custom email address.

Tags:  cybersecurity 

Safeguard Your Data

Posted By Sara E. Rust-Martin, Tuesday, August 22, 2017

Posted: 18 Aug 2017 05:23 AM PDT

Safeguarding your business and personal data has never been more difficult or more important. How do you safeguard sensitive/confidential data? The manner of protection often depends on what kind of data you are safeguarding and how important or sensitive it is to you, your organization, or your customers.

Here are some tips on how to protect your data at work and at home.

Password-Protect Your Access
Always use a strong password or pass-phrase to protect access to your data.

Identify Where the Data Is Stored
Have specific places within your network or computer where you store sensitive/confidential data. Those network shares, hard drives, servers, or system folders can then have specific protection methods used to keep them more secure.

Encrypt Stored Sensitive/Confidential Data
Whenever possible, encrypt stored sensitive/confidential data, whether it is being permanently or temporarily stored. This can help prevent unintended disclosure even if your system has been compromised.


Thank you to Florida Bar Association’s PRI for today’s Security Awareness Tip!

Tags:  cybersecurity  data protection 

No More Ransomware: How One Website is Stopping the Crypto-Locking Crooks in Their Tracks

Posted By Sara E. Rust-Martin, Monday, July 31, 2017


It is about time the good guys caught up to the bad ones - or they are working on it. The site described in this article collects ransomware decryption tools and then allows the user to upload an encrypted file which it will then diagnose. Yes, that is correct, it offers the appropriate diagnosis as to which ransomware encrypted it and offers a tool to decrypt it, if one exists and/or is available. This site could be extremely helpful to someone caught in a ransomware attack or for someone who wants to become more savvy and educated about cybersecurity.

Really, that should be all of us because if it hasn't affected us yet, it likely will.

To read the full article, cut and paste the below link into your browser:



Tags:  cybersecurity 

Security Awareness Tip: Multi-Factor and Two-Step Authentication

Posted By Sara E. Rust-Martin, Thursday, July 20, 2017

Want to better protect your information? Below are two types of authentication that can help safeguard your data and identity.

Multi-factor authentication is an approach to authentication which requires the presentation of two or more forms or “factors”: a knowledge factor (something you know), a possession factor (something you have), an inherence factor (something you are) and a geo-location factor (someplace you are).

Using your PIN (“something you know”) while making a purchase with your debit card (“something you have”) is an example of multi-factor authentication.

Two-step verification, another useful authentication method, sends a verification code to a user’s phone after the user enters his or her username and password; this code must be entered to gain access to the account. Several websites, web applications and e-mail service providers offer this option. If offered as an optional feature, it is worth it to enable it for better security.

Tags:  cybersecurity 


Navigating a Ransomware Attack

Posted By Sara E. Rust-Martin, Monday, May 22, 2017




Last week, the ransomware infection “WannaCry” invaded hospitals, universities, and many other institutions and organizations here in the United States and abroad. Ransomware is a unique form of malware. Once it invades a network, it can prevent users from opening their files because the files have been encrypted. The files are held hostage, and the users must pay a fee to be provided the decryption key. 

There is a good chance that ransomware could affect you at some point during your career. So, if you find yourself in the middle of this difficult situation, take a deep breath and know that there are steps you can take to minimize the damage. Here are some questions to ask to help you through this process:

1. Where did the ransomware start?

Which user opened the infected email or file? The person who brought the problem to your attention may not be the person who opened the infection. You may need to examine the properties of one of the infected files to determine the file owner. Ask questions of your staff and partners. 

Ask users to retrace their steps. Did they:

Open any new documents?
Click on any attachments or links in an email?
Visit any websites they don’t normally visit?

2. How far has the ransomware spread?
Once a user has opened the infection, usually through an email or attached file, that person’s computer is infected. But the ransomware can spread beyond that machine throughout the network. The first step is to determine how many machines are affected, then isolate those machines and disconnect them from the network to prevent further spread. Most ransomware strains make changes to encrypted file names, for example by adding an extension such as .Dharma or .CrySis. Looking for these extensions can help you determine how far the infection has spread.
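As an added illustration of questions 1 and 2 (not part of the original post), this Python sketch sweeps a shared folder read-only for files carrying the extensions named above, lists them oldest first with their owner, and counts hits per top-level folder. The folder layout, file names and timestamps are constructed sample data; `triage`, `owner_of` and `build_sample_tree` are hypothetical helper names, and the owner falls back to "unknown" where the platform cannot resolve it.

```python
import os
import tempfile
from collections import Counter
from datetime import datetime, timezone
from pathlib import Path

# The two extensions the post names; add whatever suffix your strain appends.
SUSPECT_EXTENSIONS = {".dharma", ".crysis"}

def owner_of(path):
    """File owner's account name; 'unknown' where the platform cannot resolve it."""
    try:
        return path.owner()
    except (NotImplementedError, KeyError, OSError):
        return "unknown"

def triage(root, extensions=SUSPECT_EXTENSIONS):
    """Read-only walk of root; returns renamed files oldest first plus per-folder counts."""
    root, hits = Path(root), []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = Path(dirpath) / name
            if path.suffix.lower() not in extensions:
                continue
            try:
                mtime = path.stat().st_mtime
            except OSError:
                continue  # vanished or unreadable; skip rather than abort the sweep
            rel = path.relative_to(root)
            top = rel.parts[0] if len(rel.parts) > 1 else "."
            hits.append({"file": str(rel), "folder": top, "mtime": mtime, "owner": owner_of(path)})
    hits.sort(key=lambda h: h["mtime"])  # earliest rename is the best lead on the starting point
    return hits, Counter(h["folder"] for h in hits)

def build_sample_tree(root):
    """Constructed sample data: three user folders, two of them with renamed files."""
    sample = {"alice/brief.docx.Dharma": 1000, "alice/notes.txt.dharma": 1200,
              "bob/ledger.xlsx.CrySis": 1100, "bob/memo.docx": 900, "carol/deed.pdf": 950}
    for rel, mtime in sample.items():
        path = Path(root) / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(b"constructed sample")
        os.utime(path, (mtime, mtime))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        hits, per_folder = triage(tmp)
        for h in hits:
            when = datetime.fromtimestamp(h["mtime"], timezone.utc).isoformat()
            print(when, h["owner"], h["file"])
        print("affected folders:", dict(per_folder))
```

Modification times and owners are leads to confirm with the users themselves, not proof of where the infection began.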

3. How can I determine the type of ransomware with which I’ve been infected?
Determining the type of ransomware with which you’ve been infected is a key step because it may help you decide whether to pay for the decryption key. Not all ransomware attacks are effective, and not all of them encrypt the data. Some ransomware types can be decrypted without paying for a key, and still others are notorious for not delivering effective decryption keys. These examples illustrate why you would not want to pay the ransom. But there are other, more sophisticated ransomware tools that will make your decision more difficult.

It is always important to fully understand what you are working with before deciding what to do. As of Wednesday, May 15, only $55,000 in bitcoins were paid for the massive ransomware attack, “WannaCry.” While this is a lot of money, it is not as significant given the number of “WannaCry” ransomware infections across the globe. But this amount is expected to grow, although no one knows by how much.

WannaCry is different from other ransomware attacks. Unlike the ransomware attack “Locky,” which required user interaction in the form of opening a link, “WannaCry” spread automatically if the user had not installed the latest Microsoft update. And once it was inside a network, it spread like wildfire.

For those of you who have not updated your computers, Microsoft offers guidance for protecting your computer here:

The information provided by the ransomware, in the URL and in the ransom screen, can give us some insight as to the type that has infected your computer. If you can’t gather the type of ransomware from the URL or ransom screen, then try the .exe file name. Remember, ransomware comes in the form of an .exe file. Try typing that .exe file name into your browser to see what types come up for you. If nothing comes up, try Google. Search for the ransom screen message, the .exe file name that has been applied to all of your files, and even for some of the random things that are happening to your office computers. There are probably others out there who have similar experiences and might be able to offer you some advice.

4. Can I get my files back? 
Your files are encrypted, and unless you have the decryption key you are not going to be able to access them. As discussed earlier, there are flawed ransomware infections that computer experts have been able to decrypt without a key. However, most of the time it will take a decryption key. The best option available to you is to have a back-up file system, whether on disc, off-site, in the cloud, or wherever you choose to keep your files. But best practice suggests that you have 2 back-up locations for your files and data so you are able to keep working should your on-site data be attacked. Another question to consider here, if you do not have a back-up for your files, is: do I pay the ransom? It really depends on your particular situation. The authorities will discourage you from paying the ransom because you will be making yourself a target for future attacks. But if your data is irreplaceable, then you may have no choice. You will need to consider all of the options and consequences.

5. How do I make sure my computers are safe again?
I suggest wiping the hard drive and restoring it to the factory settings. You would then add your data from your back-up. If you don’t have a back-up then you will need to use the process below so that you can keep the data on the computer.  

Step 1: Enter Safe Mode. Before you do anything, you need to disconnect your PC from the internet, and don't use it until you're ready to clean your PC. 
Step 2: Delete temporary files. 
Step 3: Download malware scanners. 
Step 4: Run a scan with Malwarebytes.

6. How to keep your data safe in the future:

Run all system updates on your Windows machine immediately.
Update your virus protection software. 
Run a backup to ensure you have a protected copy of your files.
Avoid web pages that aren’t regularly updated, or that you don’t already trust. 
Don’t click links to documents or web pages from someone if you are not expecting them.
Don’t open files in Facebook Messenger, or other apps where videos automatically play unless you were expecting them. 
If you have questions about a file, call the sender before you open it.

The chances are that we will all have to deal with ransomware at some point. I hope this information helps you think through the situation and come to a helpful resolution. 

If you would like more information about malware, ransomware, or computer security, please contact Sara Rust-Martin, KBA Law Practice Management Attorney, at 785-234-5696, or by email at

The contents of this blog are informational only and should not be construed as providing legal advice. 

Tags:  computer security  cybersecurity  Malware  Ransomware 


Enhancing Computer Security

Posted By Sara E. Rust-Martin, Monday, May 15, 2017


Did you hear about the ransomware attack this morning? It seems as though cybersecurity is a growing concern for all of us.

Hackers and identity thieves are constantly looking for personal information to steal – and yours and your clients’ could be next. But there are protections you can put in place to safeguard your information, such as keeping your software up-to-date, only providing your personal information on secure, encrypted websites, and protecting your passwords.

Select Security Software that Updates Automatically

Hackers and identity thieves are continuously developing and evolving in the ways they can attack your computer and mobile devices, making your security software essential at every step. While most security software products have the capability to update automatically, they must be set to do so; make sure your security software is set to update automatically on all of your devices. In addition to your security software, set your operating system and web browser to update automatically so they are better able to support the updates to your security software, making it more difficult for a bad guy to sneak in malware or spyware on your computer.

When searching for security software to purchase, only purchase from a reputable company. Never purchase security software from a company you’ve never heard of that says it has scanned your computer, found viruses, and, as a result, is offering you a “deal.” These offers are usually either worthless or, worse, imposter scamming programs aimed at installing the very programs they purport to prevent: malware.

Provide Personal Information Over Secure, Encrypted Websites

Your mind may immediately go to shopping and banking sites when told to protect your personal information online. But, there are many other sites where we share our information online and using informed, safe practices across the board can be the difference between hackers and thieves tracking your information and not. First, stick to sites that use encryption. Using encryption protects your information as it travels from your computer to the host site’s server. You will want to inspect each site before entering personal information. You will know the website is secure and encrypted if the beginning of the web address is https (the “s” is for "secure").

Next, you will want to inspect each page you visit on the website. Some sites only encrypt the first page, or the sign-on page, of the website. This means that the rest of your visit to the site could be vulnerable. Be sure that every page you visit has the “https” website address.

Protect Your Passwords

The best advice for protecting your password is to create strong passwords and keep them in a safe location. But, it is, of course, more complicated than just these simple principles, so here are a few additional guidelines:

· When creating a password, it is important to remember that the longer the password, the harder it is for hackers and thieves to break through. As for an ideal length, twelve is the magic number, with ten characters being the minimum recommended.

· When creating a password, don’t use predictable information like your birthdate, name, or other information that would be easy for a hacker or thief to break through. Instead, mix letters, numbers, and special characters.

· For many of us, it is easy to use the same password for multiple accounts. But this is not recommended. If that password is stolen from your computer, or from an app where you have it stored, or even from a company with which you do business, then that thief or hacker now has access to all of your accounts.

· When storing your passwords, keep them in a secure place out of plain sight. Be very cautious about sharing them with anyone and never share passwords over the phone, in texts, or by email. Legitimate companies will not send you messages asking for a password. If you receive such a message, it is probably a scam.

In addition to your computer software, encrypted websites, and password protection, you will also want to back up important files onto a removable disc or an external hard drive, and store it in a safe place. The cloud is also an option for backing up files and can be accessed remotely. By backing up your files, you are ensuring that if your computer is compromised you will still have access to your client files. While no system can be completely secure, the guidelines and tips above will provide you with a more secure overall computer system. Scammers, hackers, and identity thieves are on the prowl, and it is up to us as lawyers to secure not only our personal information but also that of our clients.

For more information about cybersecurity software or secure cyber practices, contact Sara Rust-Martin, KBA Law Practice Management Attorney, 785.234.5696 or email at

Tags:  computer security  cybersecurity 
