Two law firms in Manitoba have been struck by the Maze ransomware, which disabled the firms’ email, work applications, accounting software, and all the backups – including their cloud-based backups.
The Law Society of Manitoba issued a statement about the malware attack after it had been notified by the two firms, whose names were not disclosed. In the statement, the law society said that it does not know if the two firms would ever regain complete access to their encrypted data.
According to the law society, both of the affected firms have been asked by the ones responsible for the malware to pay “an enormous ransom” to lift the encryption locking the computers. The affected law firms are “working with IT professionals and cyber insurers,” but are still unsure how the virus took root, the law society added.
“We suspect that someone clicked on a link or an attachment in an email that was infected with a virus which in turn infected the firms’ entire systems,” the Law Society of Manitoba stated.
IT World Canada News reported that the group behind the Maze ransomware typically gives victims seven days to comply with the ransom demand. The hacker group usually infects one computer first, then attempts to gain network access to find all computers and servers to find any sensitive data. Maze then copies victims’ data before encrypting it, allowing them to threaten to release the data to the public if the ransom demands are not met.