• Client Portal
    • Support
    • Contact Us
    • 1.800.541.0450
    • Request a Free Consultation
ICS_Logo_transparent.png
  • Practice Groups
  • Services
  • Partners
  • About Us
  • News & Events
  • Resources
  • Blog
Innovative Insights

Is Your Firm Secure?

Posted by William Pate

March 13, 2018 3:14 PM

  • Tweet

Hackers' methods continue to evolve. That means your security must evolve. 

To adequately protect your firm, you need:

Read More

Topics: Security, Training, Malware, Information Governance, Email Management, Network, Access Control, Mimecast, Dual Factor Authentication, whaling, cybersecurity, Passwords, Biometric Authentication, Two Factor Authentication, Ransomware, Hacking, Advanced Persistent Threats, phishing, Antivirus, Cybercrime, Enterprise Mobility Management, Mobile, Email Security, 2FA, Information Security, Penetration Testing, Vulnerability Testing, firewall

Pokémon GO Uses “Security Problems!” It’s Super Effective!

Posted by William Pate

July 18, 2016 5:40 PM

  • Tweet

Our partners at the cybersecurity firm SentinelOne have shared the below blog post on recent security problems with Pokémon GO. Remember to ensure your devices are secure from all threats, including those hidden within apps.

 

The past week has evoked an unfamiliar sight in many of the country’s public areas: Hundreds of young adults—heads down, eyes glued to their phones—wandering through public parks in search of Pokémon. In many ways, Pokémon GO represents a seismic societal shift. No other game has really captured the potential of augmented reality in a way that’s really seized the public imagination. By the same token, another seismic shift has opened up—a whole lot of people are suddenly getting an unpleasant education on the dangers of mobile malware, account privacy exposure, and GPS hacking.

Read More

Topics: Security, Malware, Technology Consulting, IT Tips, SentinelOne, cybersecurity, Ransomware, Endpoint Protection, Pokémon GO, Cybercrime, Mobile

The Rise of Ransomware (In More Than One Way)

Posted by William Pate

June 21, 2016 2:20 PM

  • Tweet

The frequency and intensity of malware attacks only continues to increase. The increase seems especially concentrated among those in the banking, financial services, health care, legal (and here and here) and governmental sectors.

Read More

Topics: Security, Malware, IT Tips, cybersecurity, Ransomware, FBI Internet Crime Complaint Center, US-CERT, Cybercrime

Low Tech with a High Cost

Posted by William Pate

June 14, 2016 3:53 PM

  • Tweet

I know I paid my taxes, and I know if there's a problem with them, the Internal Revenue Service (IRS) will send me a letter telling me so. Knowing the above has prevented me from falling victim to recent calls to my mobile phone claiming to be from the IRS. In fact, here's a recording – caught by the Federal Trade Commission (FTC) – of what the messages left behind sound like.

Read More

Topics: Malware, cybersecurity, Federal Trade Commission, Videos, Cybercrime

After the Attack: Who Ya Gonna Call?

Posted by William Pate

May 3, 2016 4:17 PM

  • Tweet

It's happened. You've done everything you can to defend your law firm from this day, but the hacker successfully breached your walls. Now, you're faced with encrypted files, lost confidential data, demands for money, the insertion of other forms of malware on your network or, even worse, some combination of these and/or more malicious activities or demands.

What do you do now? Who needs to know? Who are you gonna call?

Read More

Topics: Security, Training, Malware, IT Tips, Email Management, whaling, cybersecurity, Hashcat, Passwords, Hacking, phishing, Virus, Antivirus, FBI Internet Crime Complaint Center, US-CERT, IC3, Secret Service, PII, Federal Trade Commission, APTs, Cybercrime

A CryptoLocker Checklist for Law Firms

Posted by William Pate

April 5, 2016 10:41 AM

  • Tweet

Ransomware, in layman’s terms, is designed to extort money from law firms, companies and individuals by holding their data hostage. CryptoLocker (and its variants) is a type of ransomware that infects a computer and seeks out common data files, such as pictures, music, PDFs and Word and Excel documents. It then encrypts those files so the user can’t open them, leaving the victim two choices: pay the cybercriminal or lose the data.

 

Need an example? Check out what happened to the Town of Discovery Bay, Calif., when its network was compromised by CryptoLocker.

Unfortunately, it only takes one wrong click to become a victim. Thus, ransomware prevention is crucial for law firms of any size holding confidential information. And what law firm isn't?

 

Download and use our 10 Steps to Ransomware Prevention:
A Checklist for Managing Computer Vulnerabilities
 to help ensure your law firm can survive a ransomware attack.

 

Read More

Topics: Security, Training, Malware, IT Tips, Webinars, whaling, cybersecurity, Passwords, Ransomware, Hacking, phishing, Virus, Antivirus, Endpoint Protection, APTs

And for our next trick . . .

Posted by William Pate

March 30, 2016 7:29 PM

  • Tweet

One click. That's all it took. One single click.

All the law firm's data. All of it. Gone. Encrypted. Corrupted. The best you can hope for is that you get

Read More

Topics: Security, Training, Malware, IT Tips, Webinars, whaling, cybersecurity, Passwords, Ransomware, Hacking, phishing, Virus, Antivirus, Endpoint Protection, APTs

Law Firm Cybersecurity Tips: Advanced Persistent Threats

Posted by William Pate

March 29, 2016 8:00 AM

  • Tweet

As we wrap up this series of Law Firm Cybersecurity Tips, remember that we're always keeping an eye out and keeping you up-to-date on new threats to your law firm. For our final post in the series, we'll discuss a very dangerous threat to law firms.

A highly destructive —  to information as well as physical security — threat is the Advanced Persistent Attack (APT).

These threats come in several different forms. They are stealthy and determined in their attempts to compromise data. They can be simple, such as a rogue administrator account hiding in an obscure organizational unit in your Active Directory (you are checking who has membership to domain administrative and enterprise administrators, right?), ranging to the better-known Trojan-horse attacks. Some of these viruses sit on your computer or server silently collecting your data for months.

The Stuxnet computer worm is a famous example. While this threat was originally intended to target Iran’s nuclear capabilities, hackers discovered the source code and re-engineered it to use against individuals and corporations.

Read More

Topics: Security, Malware, IT Tips, Network, SentinelOne, cybersecurity, Advanced Persistent Threats, Endpoint Protection, APTs

Law Firm Cybersecurity Tips: Phishing and Whaling

Posted by William Pate

March 22, 2016 10:01 AM

  • Tweet

Along with ransomware, another threat — whaling — has been dominating the news lately. While phishing has been going on for years, whaling is a slight change of direction offering greater monetary rewards for successful hackers.

In our own past experience, a law firm’s bookkeeper received an innocent-looking email from the managing partner requesting that several thousand dollars be paid from a certain account. The email looked legitimate and even came from the managing partner’s email address. But, in reality, it was a spoofed email.

The attacker faked the email address, figured out who the bookkeeper was and sent them an email pretending to be the managing partner. Fortunately, the law firm had a protocol in place for the bookkeeper to contact the controller before authorizing the payment. Had that policy not been in place, the firm would have lost thousands of dollars. 

Read More

Topics: Security, Malware, IT Tips, whaling, cybersecurity, Ransomware, Hacking, phishing, Endpoint Protection

Law Firm Cybersecurity Tips: Law Firms and Security Education

Posted by William Pate

March 15, 2016 3:23 PM

  • Tweet

As the number and types of cyber-threats multiply, regularly updated security policies must be developed and additional training provided to ensure law firms' users are aware of such threats and how to avoid them. Unfortunately, there is usually a disagreement between users and IT staff about users knowledge and ability to recognize and circumvent an attack.

There is a distinct divide between what IT administrators feel about security and the impressions of a law firm’s general users. While most administrators feel users need more training to better recognize security-compromising events, i.e., email phishing attempts, many end users feel they are already able to spot when they are the victim of a sophisticated phishing attempt. It is important that the firm’s IT department and managing team are on the same page when it comes to information security and the amount of training required to support the firm’s directives and legal and ethical requirements.

Read More

Topics: Security, Malware, IT Tips, Network, whaling, cybersecurity, Ransomware, phishing

Law Firm Cybersecurity Tips: Don't Just Set It and Forget It

Posted by William Pate

March 8, 2016 4:01 PM

  • Tweet

Wouldn't it be nice if security threats remained the same? We would only have to implement a single type of protection for each risk -- and that's that. No need for a deadbolt because the regular doorknob lock works. Car alarms were never invented because door locks worked fine. Cybercriminals couldn't shut down your network or ransom your files because you had anti-virus software installed.

 

Unfortunately, that is fantasyland. However, sometimes we treat our networks and endpoints as if they operate in that idealized world.

 

Read More

Topics: Security, Malware, IT Tips, Network, whaling, cybersecurity, Ransomware, phishing

Law Firm Cybersecurity Tips: Hashcat* Will Eat Your Long Passwords

Posted by Logan Byrd

March 1, 2016 9:55 AM

  • Tweet

Let’s talk about passwords.

 

Most people’s idea of a good password is one which is easy to remember, and which meets the absolute minimum requirements of their business systems and IT policy. Over the years, between constant reminders from the information technology community and constant news reports about major security breaches, we have all begrudgingly accepted that our passwords need to be a little longer, a little more complex and a little more inconvenient for us to use.

 

The technology used by cybercriminals to crack passwords is always improving, however, and even a 52-character password made up of obscure words and phrases, such as “Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn1.” can be brute-force cracked in an ever-shrinking amount of time. 

 

Read More

Topics: Malware, Access Control, Dual Factor Authentication, cybersecurity, Hashcat, Passwords, Biometric Authentication, Two Factor Authentication, Ransomware

Don't Let Your Law Firm Become Whale Bait

Posted by Tim Sheehan

February 22, 2016 3:55 PM

  • Tweet

UPDATE 1 MAR 2016: Our partners at Mimecast announced today at the RSA Conference that they are launching the first-ever threat protection against whaling. Learn more here.

 

Whaling Attack? No, it’s not the latest survivalist reality television show. It’s a potential hacking threat posing a real problem for today’s technologically driven law firms and companies. [Update 29 FEB 2016: Here are a few good, if sad, examples of whaling.]

As in reality, whales are bigger than phish. Phishing is usually conducted using shotgun-style emails sent to the masses looking for people to divulge sensitive information, like Social Security Numbers or other personally identifiable information (PII). A whaling attack, however, targets the C-suite, partners, upper management, celebrities and other individuals of high worth or influence.

Read More

Topics: Security, Malware, Technology Consulting, IT Tips, Disaster Recovery, Email Management, Network, SentinelOne, whaling, cybersecurity, phishing

Hardening Your Computer – Decrease Your Vulnerability Footprint

Posted by Kyle Worley

February 16, 2016 5:05 PM

  • Tweet

When it comes to information security there is no silver bullet to stop attackers from infiltrating your firm. The “defense-in-depth” approach to information security is simple: add many layers of protection between yourself and the outside world. Hardening your computer is exactly what it sounds like, adding security measures to increase the difficulty of an attacker compromising your system. Below you will find a checklist of system hardening best practices, each of these are easy to implement and are critical in protecting your computer.

Read More

Topics: Security, Malware, Technology Consulting, Data Recovery, IT Tips, Disaster Recovery, Information Governance, Email Management, Access Control, SentinelOne

How to Choose Email Filtering (aka Email Hygiene) Solutions for Your Law Firm

Posted by Toby Cantor

February 9, 2016 10:52 AM

  • Tweet

Unless your law firm’s email addresses are anything less than brand-shiny new, some of your email undoubtedly will be spam. Until there are fundamental changes in how the Internet is managed (including the use of Simple Mail Transfer Protocol or SMTP), part of the job of IT staff at any moderately sized law firm will be managing unwanted email.

Read More

Topics: Security, Malware, Cloud, IT Tips

All posts Next

Comment on this post

Recent Posts

Categories

  • cybersecurity (126)
  • IT Tips (89)
  • Technology Consulting (73)
  • Security (55)
  • Cybercrime (44)
  • 31 Days of Law Firm Data Security (33)
  • Cloud (31)
  • Training (31)
  • Malware (26)
  • Information Security (23)
  • Passwords (21)
  • Email Management (20)
  • Email Security (19)
  • Ransomware (18)
  • Cloud Storage (17)
  • phishing (17)
  • Alerts (16)
  • Hacking (16)
  • 2FA (15)
  • Two Factor Authentication (15)
  • Disaster Recovery (14)
  • Webinars (14)
  • iManage (14)
  • Articles (13)
  • Data Backups (12)
  • Network (12)
  • ECM (11)
  • Managed Services (11)
  • Microsoft (11)
  • DMS (9)
  • ILTA (9)
  • Information Governance (9)
  • CCPA (8)
  • End of Support (8)
  • Endpoint Protection (8)
  • Partner Series (8)
  • whaling (8)
  • Business Continuity (7)
  • End of Life (7)
  • Office 365 (7)
  • SentinelOne (7)
  • ALA (6)
  • Data Recovery (6)
  • DocsCorp (6)
  • Document Management (6)
  • Employment (6)
  • Infographic (6)
  • Partners (6)
  • Privacy (6)
  • Access Control (5)
  • Antivirus (5)
  • COVID-19 (5)
  • Dual Factor Authentication (5)
  • APTs (4)
  • Client Audits (4)
  • Consumer Privacy (4)
  • Cybersecurity Infographic (4)
  • Enterprise Mobility Management (4)
  • FBI Internet Crime Complaint Center (4)
  • Federal Trade Commission (4)
  • Innovative Cloud Solution (4)
  • Mimecast (4)
  • Mobile (4)
  • Publications (4)
  • Windows 10 (4)
  • Word (4)
  • Cloud Infographic (3)
  • Duo (3)
  • Events (3)
  • Microsoft SQL Server (3)
  • Our Team (3)
  • PII (3)
  • Penetration Testing (3)
  • Remote Access (3)
  • Secret Service (3)
  • Survey (3)
  • US-CERT (3)
  • Virus (3)
  • Windows 7 (3)
  • Yahoo (3)
  • cleanDocs (3)
  • iManage Work (3)
  • videoconferencing (3)
  • ALA 2016 (2)
  • ALA 2017 (2)
  • AWS (2)
  • Advanced Persistent Threats (2)
  • Association of Legal Administrators (2)
  • Biometric Authentication (2)
  • Change Management (2)
  • EOL (2)
  • ESU (2)
  • Fortinet (2)
  • GLA ALA (2)
  • HackNotice (2)
  • Hashcat (2)
  • Hybrid Storage (2)
  • IC3 (2)
  • Identity Theft (2)
  • Microsoft SQL Server 2005 (2)
  • Microsoft SQL Server 2008 (2)
  • Microsoft SQL Server 2016 (2)
  • Mine (2)
  • Office 2016 (2)
  • On-Premises Storage (2)
  • Regulation (2)
  • SMB (2)
  • Server 2008 (2)
  • Staff (2)
  • Video (2)
  • Videos (2)
  • Vulnerability Testing (2)
  • firewall (2)
  • iManage RVAN (2)
  • ABA (1)
  • About Us (1)
  • Amazon Web Services (1)
  • Anniversary (1)
  • Austin ALA (1)
  • BYOD (1)
  • Blue Jeans (1)
  • Cindy Bates (1)
  • Citadel Information Group (1)
  • Citrix (1)
  • Cloud Communications (1)
  • Customer Service (1)
  • David Lam (1)
  • ELF (1)
  • EMM (1)
  • EMP for Windows Server (1)
  • Employment Law Forum (1)
  • Financing (1)
  • First American Equipment Finance (1)
  • GLA (1)
  • GPDR (1)
  • Golden Gate ALA (1)
  • HPE (1)
  • Hiring (1)
  • IBM (1)
  • Imaging (1)
  • Innovative Computing Systems Family (1)
  • Internet Explorer (1)
  • Internet of Things (1)
  • IoT (1)
  • KnowBe4 (1)
  • LawToolBox (1)
  • Licensing (1)
  • Los Angeles (1)
  • MaaS360 (1)
  • Michael Kemps (1)
  • Microsoft Edge (1)
  • Microsoft SQL Server 2014 (1)
  • Mitel (1)
  • Outlook (1)
  • PDFs (1)
  • Phones (1)
  • Pokémon GO (1)
  • Printers (1)
  • Privacy.com (1)
  • RSA Conference (1)
  • Recipient Checking (1)
  • Servers (1)
  • Threat Map (1)
  • Unified Communications (1)
  • User Experience (1)
  • Virtualization (1)
  • Work Product Management (1)
  • compareDocs (1)
  • eBook (1)
  • macOS (1)
  • pdfDocs (1)
  • zoom (1)
see all

Subscribe to Innovative Insights

  • Cloud Solutions
    Cybersecurity
    Managed IT Services
    IT Consulting
    Enterprise Servers & Storage
    Enterprise Content Management
  • Telephony & Networking
    Desktop Management
    Desktop Deployment
    Audits & Strategy
    Virtualization
Practice Groups
Services
Partners
About Us
News & Events
Resources
Blog
Employment
Privacy Policy
ICSLogo_Footer
Copyright © 1989–2021. Innovative Computing Systems, Inc.