Seyfarth Shaw LLP is an international law firm that serves more than 300 Fortune 500 companies. Over the weekend the firm became the victim of an aggressive ransomware attack. The company claims the attack was very sophisticated and they believe it was a coordinated attack targeting multiple entities at the same time. Seyfarth has shut down its email service until further notice. Seyfarth is now working with the FBI to investigate the attack and bring its systems back online. Seyfarth noted that they found no evidence that client information was accessed or exfiltrated during the attack.
Ransomware attacks are becoming more sophisticated and more frequent. The US Government has issued several advisories urging companies to notify and cooperate with law enforcement officials if they are victims of a ransomware attack. Ransomware attacks will continue to grow in scope and sophistication as long as they continue to be successful. Organizations need to continue to educate employees of the cyber threat and how it can be mitigated at the individual level, as well as strengthen security systems to detect and stop attackers quickly if they get past security controls or trick an employee into opening a malicious document file to gain access. Almost all ransomware attacks should be considered to be data breaches as well, since attackers must gain access to sensitive files in order to encrypt them.