TECHNOLOGY by Bill Kammer
TECH TIPS AND TIDBITS Ransomware Responses In late September, the Cybersecurity and Infrastructure Security Agency (CISA), jointly with a multistate agency, released a Ransomware Guide. Sections of the guide include a discussion of ransomware prevention best practices and a checklist of responses to ransomware attacks, which can be found here: www.cisa.gov/publication/ransomware-guide. Ransomware attacks can have devastating effects upon law firms, causing major disruption and economical damages, plus potential effects on client relationships and the possibility of ethical violations. As always, lawyers remain soft targets because of a perceived lack of security and their possession of valuable client and financial information. Many smaller firms and companies often pay the ransom, perceiving that as the simplest solution. The Treasury Department just complicated that decision by
mischief. The FBI’s leading recommendation is the use of a virtual private network (VPN) whenever we sign on to a public network. Its recent report also includes a list of signs indicating your device has been compromised, and recommendations for responsive actions if your device has been compromised, which you can find here: www.ic3.gov/media/2020/201006.aspx
Zoom and MS Teams Concerns Even though many have returned to physical offices, others continue to work in home offices, even if only a few days a week. The use of video conferencing networks such as Zoom and Teams will continue to grow no matter where we work. As we become more facile in our use of these methodologies, we need to address certain issues that will frequently arise. For instance, the organizer of the Zoom or Teams meeting should determine whether to prevent
warning that paying ransomware attackers might trigger
recording and understand how to do that. And lawyers must
sanctions violations.
remember that even if they control recording within the application, any viewer or participant can record the sounds and scenes of an event with an external device such as a
Hotel Cybersecurity
mobile phone.
Lawyers travel frequently, though perhaps not so much in 2020. Years ago, we were cautioned about the lack of
Similarly, we must use passwords for our meetings to
security when using hotel computers to print documents,
prevent easy, unwanted intrusion. We should never
presentations, and boarding passes. We were warned of
provide those passwords in anything other than a secure
the dangers of inserting thumb drives in other persons’
transmission. Zoom bombings continue to occur at court
computers because doing so might transfer malware
hearings, public meetings, and law firm presentations.
secreted on those computers to our USB drives. Back home
“Eternal vigilance is the price of liberty.” The first traces
later, we might transfer that malware to our office systems
of that saying appeared about 200 years ago, but its
and personal computers, compromising or damaging them.
admonition remains equally valid today.
Now, the FBI has issued a warning about the risks inherent
Phishing and Vishing
in hotel Wi-Fi. Hotels focus on convenience to guests rather than strong security practices, often providing
By now, we all know the dangers of phishing as a gateway to
simple passwords easily guessed by those seeking to do
attacks on our networks, offices, and storage. Much has been
14
SAN DIEGO LAWYER
|
November/December 2020