Sophisticated cyberattacks target law firms, legal departments and courts, seeking their troves of sensitive information about entities. In 2020, a ransomware gang stole from the law firm Grubman the data of Lady Gaga and other entertainment stalwarts, then demanded $42 million. Jones Day was a victim of ransomware in February 2021. On April 28, 2021, a ransomware attack took down a Brazilian state’s court system. This article discusses distinct challenges that ransomware poses to attorneys and law firms and shares insight from interviews with cybersecurity advisers from Clark Hill, Sensei Enterprises and Splunk on the latest ransomware developments and how enterprises across industries can prevent attacks, as well as their comments during recent ransomware panels hosted by the American Bar Association and U.S. Chamber of Commerce. This article contains valuable insights, not only for law firms that handle fund manager information, but also for fund managers whose sensitive information is routinely handled by their lawyers. See our two-part series “How Fund Managers Can Identify and Prepare for Ransomware Threats”: Part One (Apr. 19, 2018); and Part Two (May 3, 2018).