Cybersecurity Quick Tip: White House Urges Businesses to Enable MFA & Take Other Steps Against Russian Attacks

With the FBI and CISA warning of increased Russian hacking threats targeting US businesses, the White House outlined 8 cybersecurity steps to take, with multi-factor authentication at the top — all of which are critical to law firms of all sizes.

Legal cybersecurity expert Sharon Nelson points out in her recent post on their Ride the Lightning blog that the suggested security steps are important for law firms regardless of how active Russian hacking threats really are. (Don’t forget: Small and midsized law firms have recently been slammed by ransomware.) The top recommendation is for businesses to deploy multi-factor authentication (MFA), which we’ve encouraged lawyers to use in this guest post on our blog last year from Sharon Nelson and Sensei VP John Simek. The remainder of the cybersecurity steps outlined by the White House:

(1) Deploy modern security tools on your computers and devices to continuously look for and mitigate threats

(2) Make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors

(3) Back up your data and ensure you have offline backups beyond the reach of malicious actors

(4) Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack

(5) Encrypt your data so it cannot be used if it is stolen

(6) Educate your employees to common tactics that attackers will use over email or through websites

(7) Work with FBI and CISA to establish relationships in advance of any cyber incidents.”

RELATED RESOURCES:

Why Lawyers Need to Use Multi-Factor Authentication [Guest Post] (Mass LOMAP Blog, 2021)

Practical & Budget-Friendly Cybersecurity Tips for Law Firms [Webinar] (Mass LOMAP, 2021)

Your Law Firm Has Been Breached: Who Are You Going to Call? [Guest Post] (Mass LOMAP,  2022)

Security Assessments and Pen Tests for Law Firms [Guest Post] (Mass LOMAP, 2021)

Cybersecurity Quick Tip: Update All Your Devices & Programs Promptly – as Always, and Especially Now (Mass LOMAP Blog, 2021) 

Top 10 Tips: Effective Cybersecurity Awareness Training for Law Firm Employees [Guest Post] (Mass LOMAP Blog, 2021)

Shadow IT: A Serious Threat to Law Firms [Guest Post]  Mass LOMAP Blog, 2021)

Smartphone Phishing Attacks Escalate, Bedeviling Law Firms [Guest Post] (Mass LOMAP Blog, 2021)

Other Cybersecurity Topics

   Free & Confidential Consultations:

Lawyers, law students, and judges in Massachusetts can discuss concerns with a law practice advisor, licensed therapist, or both. Find more on scheduling here.