Staying one step ahead in the era of global cyber warfare

Staying one step ahead
in the era of global cyber warfare

Taking into account a range of volatile conditions over the past three years, many firms are evaluating and rewriting Business Continuity Plans (BCP) to ensure their continued effectiveness in the current threat landscape. While the central topic of this paper is the risk presented by cyber-attacks, a multi-faceted approach to recovery is nonetheless essential to brand reputation and effective disaster recovery.

In recent years, we have witnessed geopolitical shifts that continue to impact economic stability and created an unprecedent threat to our way of life. The Russian conflict in Ukraine and the continued rise of China as a global economic powerhouse encroaching on traditional Western monopolies, along with significantly differing political ideologies, have ushered in the new era of cyber warfare, and businesses and critical services alike are finding themselves the target of malicious and politically motivated ill-intent. While this sounds dramatic on the surface, these shifts cannot be ignored, especially when combined with the rising value of critical data assets, and the highly sensitive nature of the data handled by legal firms.

Consider the following recent challenges faced by firms:

Remote working

The wholesale shift to remote working in response to COVID-19 meant that old disaster scenarios such as office floods or power cuts were significantly less harmful or disruptive. With hybrid working now firmly established, providing staff with secure access to firm’s digital assets is more important than ever, with the use of AOVPN services and virtual desktops continuing to offer the most robust solution to this challenge.

Decentralised data

Data assets no longer reside solely in the data centre. DMS and PMS systems offer both SaaS and on-premises versions, while productivity services, such as Microsoft 365 and Google Workspace, and Customer Relationship Management (CRM) systems are all maturely delivered ‘as a service’. This means firms must consciously audit data silos and classify where their critical assets reside to ensure the appropriate controls and resilience are in place.

Supply chain disruptions

IT agility is hugely important in maximising user and fee earner productivity, but the ongoing global shortage of silicon chips has significantly extended the time from order to delivery of devices (firewalls, laptops, servers, etc.). This now means that all areas of the firm must plan almost a year ahead to ensure appropriate infrastructure and end user devices are available as needed. Additionally, IT teams must work harder to maintain a standard catalogue of devices, to manage total cost of ownership, and centralised, consistent deployment mechanisms to ensure devices reach users in a fully hardened and secure state.

A final challenge relating to recovery from ransomware attacks is insurance. Cyber security and ransomware-specific policies are essential, ensuring there is no ambiguity relating to claims for loss and damages, as famously reported in 2019, when top UK law firm DLA Piper and Hiscox clashed over a claim relating to the NotPetya attack in 2017.

Furthermore, insurers are continuing to demand demonstrable prevention and recovery measures are taken by firms to ensure reasonable steps have been taken to prevent data loss and recover systems in the event of a ransomware attack. This will commonly include essential services, such as endpoint detection and response, but may also require evidence of immutable backups and auditing of 3^rd party supplier data protection measures.

An immutable backup is one that is locked after the point of creation, making it impossible to tamper with. These have become a critical security measure, as cybercriminals also target backup systems to increase the impact of their attacks. This is the base measure of protection, and should be accompanied by data diode considerations, physical separation, multi-factor authentication, and identity management.