The information provided on this blog is to, the best of our knowledge, accurate and up-to-date as of the date of posting. However, please be aware that information can change rapidly and without notice. Therefore, we cannot guarantee the accuracy or completeness of the information presented after the posting date. It is advised that readers exercise due diligence and independently verify the accuracy of information they find on this blog news feed. Here are links to the most current information available in relation to our Membership, Saskatchewan Case Law, and Saskatchewan Legislation.
In the past two weeks, two Manitoba firms have called us at The Law Society of Manitoba to say they been hit by viruses – not COVID-19, but computer viruses, specifically a ransomware virus called MAZE.
As a result of the virus attack, they have no access to email, Word, their accounting software, or any of their backups, including cloud backups. Everything is tied up by MAZE and they have been asked to pay an enormous ransom to regain access to any of their work.
The firms are working with IT professionals and cyber insurers and still are not sure how the virus took hold. We suspect that someone clicked on a link or an attachment in an email that was infected with a virus which in turn infected the firms’ entire systems. At this point, we do not know when or if they will ever regain complete access to their kidnapped data.
You are vulnerable. A ransomware virus could take over and lockdown everything a lawyer or law firm has ever created electronically – accounting software, client lists, document management systems, financial software, email, everything you ever did in Word, Excel, all the photos taken at firm events, and whatever treasures were kept on personal computers.
Ransomware viruses are often hidden in email attachments. Recently, the infected attachments appear to have been about COVID-19 including:
• Emails with a COVID-19 outbreak maps in an attachment.
• Emails inviting you to a seminar to discuss responses to COVID-19, which includes a link to register for the seminar.
• Emails claiming to be from vendors or associations about COVID-19 that include links to PDFs and Word documents.
• SMS (text) messages, indicating you need to “click here” to find out about modified firm operations.
These emails and attachments can be loaded with malware which can gain control of your remote access into firm computers and encrypt your home and work computers and anything else the malware can reach through your network.