Ransomware attacks continue to strike law firms. The best defense to ransomware threats continues to be regular backup of all your devices, but especially for your core systems. OBLIC has learned of malware that can encrypt the system and also delete or encrypt the backup. This can happen when the backup is managed through a domain account that purposely or inadvertently has permissions to the backup data, allowing the hacker access.

To avoid this problem, use a separate device for backup which is not “domain joined” and has a dedicated backup account with write only permissions. A separate account, with write only permissions, is also used to authenticate when sending the backup offsite. By using this configuration, the user account could be compromised without threatening the backup – because no user account has permissions to the backup data.  For more information on the subject see, Five Tips to Deflect a Ransomware Attack.

Effective backups can help ameliorate ransomware attacks. Remember, your OBLIC policy provides basic cyber coverage. If you have a cyber breach or THINK you might have been hacked, contact us at OBLIC. We’re here to help!