As ransomware continues its relentless rise, the professional service sector remains one of the most targeted sectors.
Chainalysis, a firm that tracks payments to known ransomware actors on the blockchain, has reported that 2023 was the most profitable year for the extortionists with record payments of $1.1b being made, 80% in payments over $1m.
In addition, a report from Comparitech, based on publicly available information, indicates that since 2018, 138 law firms have confirmed ransomware attacks impacting at least 2.9 million records.
This latter point is significant because theft of data not only increases the leverage of the extortion threat actors, it also is giving rise to increasing numbers of class action lawsuits from affected individuals. According to a report from Law.com, not only is 2024 “on pace to be the biggest year in the history of law firm data breach reports,” but “more than 40 data breach class actions are being filed per month in 2024.”
Ransomware and malicious cyber activity are a continuing and growing threat to professional service firms. In the worst-case scenario a cyber attack can be devastating to a firm and consequently to its clients. In the face of this, it is essential to invest in resilience to secure the firm and the data it holds, for the benefit of the firm, its employees and clients.
Resilience requires a multi-faceted strategy and Cyber Awareness month is an ideal time to review and evaluate measures to harden defenses to better prepare for response in the face of a successful attack:
To Combat Cyber Risk, Businesses Invest in Resilience
