Navigating Cybersecurity Challenges in the Legal Sector: Lessons from the CTS Cyber Incident

The recent cyber-attack against a major IT provider for law firms, CTS, has sent shockwaves throughout the legal sector, leaving property completions in disarray and clients in dismay. The aftermath has highlighted further the cybersecurity risks faced by law firms and particularly the potential implications for property transactions. CTS, in response to the cyber incident, stated that it is actively working with a global cyber forensics firm to conduct an urgent investigation. While expressing confidence in the ability to restore services, CTS has been unable to provide a precise timeline for full restoration. Preliminary information suggests that a ransomware attack is at the core of the issue. 

Property buyers, eagerly awaiting completion, have found themselves in distress as the cyber incident continues to disrupt the usual flow of transactions.

The Ripple Effect on Property Transactions & Consumer Trust

Property completion day is a pivotal moment for buyers and sellers. On this day, funds are transferred between solicitors to finalise the transaction. However, the CTS cyber incident has disrupted this process, causing delays in numerous completions, and leaving buyers and sellers in uncertainty.

The impact on the reputation of affected law firms and consumer trust has been immediate; buyers have taken to social media platforms to express their distress over delayed completions. Limited information from CTS and the prolonged duration of the incident have raised concerns among property buyers. The lack of updates, communication, and transparency has left some buyers frustrated and anxious about the status of their transactions.

The property law regulator, the CLC, emphasised the need for collaboration among law firms to minimise disruption. Following the incident, the CLC has also urged firms to communicate openly with lawyers on the other side of transactions. This call for transparency is seen as vital to limit potential disruption and protect consumers from harm.

Lessons Learned: Strengthening Cybersecurity in the Legal Sector

The CTS cyber incident serves as a stark reminder of the cybersecurity challenges faced by law firms.

We cannot emphasise enough the need for law firms of all sizes to take their cyber security measures seriously.

This incident again raises the importance of setting minimum standards for third parties in the supply chain. It also reinforces our recommendation that cyber security is always provided and monitored independently from a firm's regular IT service, be that internal or outsourced.

HOW THE LEGAL SECTOR CAN MITIGATE THE RISKS

Investing in advanced cybersecurity measures helps law firms to protect sensitive client data and ensure the secure flow of transactions.

Advice Relating Specifically to the CTS Breach

Third Party and Supply Chain Vulnerabilities

The breach at CTS has highlighted the dangers of supply chain attacks for law firms and the need for due diligence and regular supply chain audits.

Cybercriminals have recognised that law firms increasingly depend on third-party vendors and suppliers to support various aspects of their operations, targeting suppliers as a potential entry point to gain unauthorised access to law firms’ networks and sensitive data.

PureCyber recommend conducting regular third-party supplier audits and risk assessments of each supplier, including a review of security policies, procedures, and past security incidents. This is vital for law firms to mitigate cyber risks, and thereby avoid significant financial and reputational damage.

Incident Response Planning

Developing and regularly updating incident response plans enables swift and coordinated responses in the event of a cyber incident. Having such plans in place can limit a damaging period of downtime, reducing the reputational damage, business interruption and financial implications of an attack. Good cyber security should include planning for disaster: when something happens, you do not want that to be the first time you have thought about it.

Enhanced Communication and Transparency

Through incident response planning, organisations are prepared if the worst happens. Planning improves the communication channels used to keep stakeholders informed during cybersecurity incidents, fostering trust and understanding.

Collaboration Among Law Firms

Where possible, we suggest working collaboratively within the legal sector to share threat intelligence and best practices, fortifying the industry's collective cybersecurity defences.

Regular User Awareness Training

Educate employees about cybersecurity best practices, including recognising phishing attempts and using strong passwords. Cyber security is a shared responsibility across the whole organisation.

Phishing

Cybercriminals use phishing attacks to specifically target law firms, often masquerading as clients or colleagues. These attacks can lead to compromised email accounts, stolen credentials, invoice fraud or malware infections, which can be used to access sensitive information or launch further attacks. Firms should adopt layers of security to mitigate the risk and impact of a phishing attack, such as Active-Threat detection, mail filtering, access controls, phishing simulation tests and cyber-awareness training for all levels of staff.

Regular Penetration Testing

Penetration testing services can help law firms find the vulnerabilities in their internal and external infrastructures before the hackers do and identify the appropriate remediation.

Multi-Factor Authentication

Implement multi-factor authentication to add an additional layer of security to user and administrator accounts.

Access Control

Restrict and track the use of administration accounts in operating systems and applications. Ensure that users are not using Admin accounts for their day-to-day work.

Regular Vulnerability Scanning, Patching & Updates

Keep all software and systems up to date.

Backups

Regular secure backups are key, for example to external hard drives or cloud solutions, but make sure these are only connected to your systems when backing up so that they are protected when not in use.

Governance

This helps your organisation understand what data you have, where it is and who uses it, which will help you make informed decisions when it comes to IT. Schemes such as Cyber Essentials and IASME Cyber Assured are great starting points leading to ISO 27001.

Next Steps

As the legal sector grapples with the aftermath of the CTS cyber incident, it underscores the urgency for law firms to fortify their cybersecurity posture.

Securing the legal sector from cyber threats is paramount to protecting clients and sensitive data. Prevention is most certainly better than dealing with the implications of a cyber incident.

To maintain a strong cyber security posture, recognising vulnerabilities and implementing proactive strategies such as the ones detailed above is essential in any firm.

Take Action

If you are concerned about the robustness of your cyber security, please get in touch with the team who would be happy to arrange a free consultation call. PureCyber support law firms of all sizes with the essential cyber knowledge and tools to protect them against common cyber threats.

