Last week, a New York based law firm experienced a ransomware infection. Attackers demanded $21 million in payment. If payment were not received within one week, hackers threatened to release sensitive files pertaining to the law firm’s high-profile celebrity clients.

The firm offered the hackers $365,000, but the amount was declined. In turn, the hackers flooded the web with data about a certain high-profile celebrity. In addition, they’re now asking for $42 million in payment, and saying that they have sensitive files to release regarding US President Donald Trump.

Experts believe that this latter bit is an empty threat. The situation reflects the importance of boosting cyber security budgets despite the economic downturn, and taking carefully calculated steps to protect data. Organizations such as law firms are common targets of phishing scams and ransomware attacks, losing an average of $4.62 million with every data breach.

Former White House Counterterrorism Advisor to Presidents Clinton, H.W. Bush, and G.W. Bush, Richard Clarke, suggests that organizations, such as law firms:

  • Start with cyber insurance (although its utility may be questionable)
  • Backup data regularly.
  • Improve cyber security.

“Spend more than 3% of your IT budget defending your network, because if you don’t you’re going to have to spend a heck of a lot more money later.” As much as 10% of your IT budget should be dedicated to cyber security, says expert Richard Clarke. Click To Tweet

See a CNN news segment on this topic. Click here to watch.