An updated threat report from the National Cyber Security Centre (NCSC) highlights the key threats that legal firms in the UK face, from ransomware to intellectual property theft. The report also looks to help the legal sector become more resilient to attacks, with the latest steps and guidance on how to improve their security.
During COVID-19 many businesses adopted a remote or hybrid working model which has widely continued post pandemic, this has increased the risk of online threats with the sensitive information held and large payments taken by firms making them attractive targets to criminals.
The devastating consequences from online criminals have been felt by many businesses, including conveyancing firm Simplify Group, who were left unable to process house moves after a cyber-attack, which is reported to have cost them £6.8million.
In another case, Tuckers Solicitors LLP had 60 court cases and related data stolen and leaked onto the dark web after suffering a ransomware attack.
Law Society President Lubna Shuja said:
“It is vitally important that solicitors and law firms, whether large or small, are aware of the cyber threats they face and take steps to safeguard their systems. This new report from NCSC is a timely intervention that will be an essential resource for our members, providing information, practical guidance, and tools to help the legal sector protect the sensitive data it holds against cyber-attack.”
How to protect your legal firm from cyber attacks:
- Ensure that senior management and leadership such as board members, owners and partners are engaged and informed about cyber security risk. The NCSC’s Board Toolkit provides a set of tailored resources to help senior stakeholders engage with these issues.
- Take a look into Cyber Essentials, this certification helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security. The NEBRC has 10 Little Steps – the programme to help your organisation achieve Cyber Essentials.
- Sign up to receive the NEBRC’s free core membership today and stay up to date with the latest cyber security updates and gain access to a wealth of handy resources.
- If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week. You can also report online at actionfraud.police.uk.
- For further guidance please contact [email protected]
The NEBRC is a police led non-profit organisation that seeks to educate, inform, and support businesses across the UK on how to protect their business online through good cyber security practices.