A ransomware attack that struck TrialWorks early this month caused law firms and lawyers using the platform to not be able to access records and legal documents. A hosting service outage notification was sent on October 13th; the next day, another notice was sent to TrialWorks customers stating that they had been affected by ransomware. Multiple cybersecurity firms were employed by the company to help carry out a thorough investigation. It was later reported on the 15th of October that the threat had been diminished and the affected data was actively being decrypted and restored–which could mean that the company obtained the decryption key after paying the ransom. The outage caused some lawyers to ask the courts for an extension on deadlines for providing case documents. It can now be confirmed that the company has restored access to the documents. At this time, it is not known what ransomware family was used and how the ransomware made its way into the company’s system.
Analyst Notes
Even though it is not known how TrialWorks was affected, employees should still be trained on how identify suspicious emails containing attachments or web links, which continue to be the top reason for initial attacker access and resulting breaches. Data should also be backed up on a regular basis and software and operating systems should be updated whenever new versions or patches are available. More information regarding this incident can be found here: https://securityaffairs.co/wordpress/93040/malware/trialworks-ransomware-attack.html, https://www.miamiherald.com/news/local/article236645058.html
