The article was written by Dr. iur. Dr. rer. pol. Fabian Teichmann in collaboration with Sonia Boticiu and published in the professional journal "Jusletter" on October 3, 2022. Ransomware refers to a type of malicious software that encrypts data or systems and allows criminals to extort a ransom for decryption. The payment is usually made via online payment instruments such as Bitcoin, as they are anonymous and decentralized. In this context, sensitive data is stolen, enabling criminals to exert effective leverage through the threat of publication of that data. Law firms are particularly at risk because they hold confidential information about their clients. Since law firms are often involved in mergers and acquisitions, they could also become targets for cybercriminals trying to steal information to disrupt transactions or manipulate stock prices. To prevent ransomware attacks, it is important to keep IT security standards up to date, regularly update anti-virus and anti-malware systems, and store data backups offline. In addition to technical measures, operational measures are also required to respond to ransomware attacks. It is recommended to have a specialized team ready to combat ransomware attacks and to conduct regular drills to respond quickly and effectively to attacks. The FBI recommends that companies do not pay ransom in ransomware attacks. There are several reasons for this: For one, it would encourage the perpetrators and give them additional resources for further attacks. Secondly, ransom payments could be used to fund illegal activities, which would have legal consequences for the affected company. In addition, there is no guarantee that the data can be recovered after a ransom payment. There is also the risk of further demands from the perpetrators. To minimize this risk, employees should regularly train their security awareness. It is also recommended that a cybersecurity risk assessment and penetration tests be conducted annually.
The author of the article, Fabian Teichmann, is a lawyer, public notary and business consultant. He is also a lecturer at various universities, where he deals in depth with criminal law issues.
For more on this topic, see Teichmann, F. & Boticiu, S. (2022). Ransomware - A Growing Threat for Law Firms. Jusletter. https://doi.org/10.38023/d438edb2-e502-4a01-838a-896c7e43cb5a.