Professionals Beware: Cyberattackers Are Targeting You
To print this article, all you need is to be registered or login on Mondaq.com.
In 2020 professionals experienced numerous disruptions
as they responded to COVID-19 and swiftly transitioned technology,
processes and people to continue to provide their essential
As if that was not enough, we have recently seen a
significant increase in the number of cyberattacks specifically
targeting professionals ranging from medical practices to
accounting and law firms.
Even the largest global corporations are not immune to
However, cybersecurity must be a top priority for professionals
to protect their information from cybersecurity breaches.
Professionals typically maintain highly sensitive information,
including personal health and financial information. This
information is very valuable to cyberattackers who capitalize on
gaps in privacy and cybersecurity programs and periods of decreased
vigilance. In particular, cyberattackers are most often successful
during weekends and public holidays – as you may be less likely to
Professionals have a number of legal and professional
obligations to protect the personal information of individuals they
interact with, including requirements imposed by privacy and
professional regulators. As such, professionals must take proactive
measures to minimize their risk of a cybersecurity attack or the
impact of such an attack.
How do Cyberattacks Occur?
We have recently seen a significant number of ransomware attacks
on professionals. Ransomware is software designed to lock or
encrypt your system or data. Ransomware typically spreads through
sophisticated “phishing emails,” which trick users to
interact with infected emails, and/or through server or software
vulnerabilities without user interaction. Once a system or data is
exposed, the ransomware encrypts the system or information on the
system, and requires users to pay a ransom by a specified deadline
in exchange for access to the system and/or data.
Ransomware creates real and significant risks to
What would you do tomorrow if all of your data was encrypted and
you could not access it?
If having your system or data encrypted for a ransom is not
troublesome enough, there is a real risk that paying the ransom
will not remove the ransomware, and/or that the attack will be
repeated on an infected system or data.
Further, even if data is recovered and further attacks are
thwarted, the negative impact of a cyberattack on your assets,
operations, reputation and relations, and the associated financial
loss, regulatory consequences and potential liability, can be
Ten Proactive Steps to Minimize Ransomware Attacks
Fortunately, there are a number of steps that professionals can
take to minimize the chance of, and mitigate the risks associated
with, a successful ransomware attack. In particular, professionals
should take the following ten steps to prepare for a ransomware
- Assess and Address the
Risks: The world of cybersecurity moves very fast, and
professionals should identify and assess potential cybersecurity
risks and gaps in their IT systems on…