“Dear Clients,” began the letter that law firm Ziprick & Cramer sent out in late February. “It is almost a daily occurrence that we read about cyber attacks in the news. Unfortunately, on or around January 25, 2015, our firm was the victim of a single cyber attack, by a relatively new variant of a Cryptolocker-type virus.” Cryptolocker is a kind of ransomware used to encrypt files so they’re unreadable; hackers then demand money to restore the data.
A security breach is one of the last things a lawyer wants to admit to a client. But the small firm in Redlands, Calif., faced it head-on, reporting the attack to the FBI and calling on its IT specialist to assess the damage and install safeguards to thwart future attacks. Partner Robert Ziprick says clients have been sympathetic and understand hacking is a problem for lots of businesses. “A lot of them are trying to figure it out, too,” he says.