Just a couple months ago, the Wall Street Journal reported that hackers broke into several prestigious law firms, including Cravath Swaine & Moore LLP and Weil Gotshal & Manges LLP. Law firms’ computer systems hold a wealth of information of special interest to hackers, such as trade secrets, information about clients—especially large, corporate clients—and other sensitive information. These breaches in security are usually characterized by large amounts of information being stolen at once and then analyzed later. Fortunately, if you’ve discovered your law firm has been attacked, recovery is possible.
Even if your law firm hasn’t been hacked yet, chances are it will be. That’s why it’s important to have a step-by-step recovery plan. We’ve pulled together some tips from experts across the web to help you out.
- Don’t panic. Even if your law firm just experienced the largest information breach of all time, don’t panic. A calm, clear mindset will help you keep your focus on recovery.
- Create a plan. Network World suggests that once you discover a breach, you’ll need to create a plan tailor-made for the incident. Include communications (who to notify and what to tell employees), a technical analysis of the breach and a way to find out if there’s still an active threat.
- Collect evidence. Keep your evidence as pure as possible; otherwise, it may be rejected by the courts. Beta News recommends making sure your law firm’s security team doesn’t alter or erase any logs.
- Restore your normal business process. If your law firm’s computer system has a backup, you may want to restore it. You’ll also have to look into whether your security team will have to adjust firewalls, block IP addresses or implement other recovery procedures, Network World suggests.
- Apply lessons learned. Moving forward, focus on prevention. Educate and train employees on cyber security and create regular system backups. In addition, check out our previous blog on how law firms can prevent cyber attacks.
If your law firm is located in the Kansas City area and has experienced a data breach, call MDL Technology at 816-781-3006 or email us at info@mdltechnology.com for disaster recovery help.