
He uses the December 2022 ransomware attack at The Guardian newspaper and media group as a salutary example—hackers often make successful phishing attacks during festivities when employees are more likely to be caught off guard. Using the Guardian ransomware as illustration, Hayes offers advice on what law firms, in the event of an attack, should do next.
Hayes writes: ‘For a law firm to fall victim to a cyberattack similar to the one at The Guardian might seem unthinkable, but it has happened before and recent events show that attacks will continue to occur. Analysis of cyberattacks demonstrates that phishing attempts directed at large, global organisations and small UK firms have been successful. These can often result from a single, isolated human error.’