Cyber security watchdog issues law firm warning
The National Cyber Security Centre (NCSC), part of GCHQ, yesterday published its first report on the growing cyber threat to the legal profession.
It said that while the primary threat stemmed from cyber criminals with a financial motive, “nation states are likely to play an increasingly significant role in cyber attacks at a global level, to gain strategic and economic advantage.
“There has also been some growth in the hacktivist community targeting law firms to achieve political, economic or ideological ends.”
The NCSC said that, according to Action Fraud, in the two years to March 2018, 18 law firms reported hacking attempts.
“Such attacks tend to be more targeted in nature and are most likely initiated by phishing. They are often the work of more sophisticated cyber actors such as organised crime groups and nation states.”
The NCSC said the most significant cyber threats facing law firms were phishing, data breaches, ransomware, and supply chain compromise.
The report spells out the dangers and steps firms can take to combat them.
On phishing, it said the Solicitors Regulation Authority has publicised 110 scams against law firms so far in 2018, but “there are likely to be many more that go unreported”.
It gave the case study of a “mid-sized law firm with a multi-million pound turnover”, where a senior partner broadcast on social media full details about a business trip to Barcelona.
A criminal gang based overseas used this information to initiate a phishing attack against the firm’s accounts team. An accounts clerk received an email from an account spoofing the senior partner’s email address, instructing her to pay an invoice and imploring confidentiality.
Even though the firm had in place a number of policies and procedures that systemised the payment of invoices, they were able to persuade the accounts team to bend the rules, under the pretext of urgency, confidentiality and seniority.
The criminals also knew that the accounts team were tied up in installing a new accounting package and training on the new system, as a staff member had mentioned it on Facebook. It was at this time that the criminals convinced the clerk to make an authorised payment of £35,000.
The section on ransomware referenced the global attack last year on DLA Piper that caused significant business disruption for a number of weeks and is to date the single biggest cyber attack to ever hit any law firm.
The attack utilised a new variant of the Petya malware (NotPetya) via the software update mechanism of M.E. Doc, a Ukrainian tax program that had been compromised to spread the malware.
The report said the attack appeared to be a ransomware attack; it was later identified as a destructive variant so that the data was encrypted.
DLA Piper was running around 800 applications at the time and went through a process afterwards of building them back up. “Since the attack, the firm has been running a number of programs to enhance security and business resilience.”
Looking to cyber security trends, the report noted the increasing use of artificial intelligence (AI) systems among the large law firms, saying: “AI may help with thwarting future attacks, although may also be used maliciously, for example, to fool AI fraud checks or craft high-quality phishing emails.”
NCSC chief executive Ciaran Martin said: “Like all businesses, law firms are increasingly reliant on IT and technology and, as a result, are falling victim to a range of malicious cyber activity.
“Losing access to this technology, having funds stolen or suffering a data breach through a cyber attack can be devastating, both financially and reputationally, not only for the firm but also its clients.
“The NCSC is committed to supporting the legal sector as part of our role to make the UK the safest place to live and do business online and that’s why we feel it’s extremely important to offer the tailored advice and guidance outlined in this report.”
The report was created in collaboration with major law firms working under the NCSC Industry 100 scheme and the Law Society.
Law Society president Christina Blacklaws said: “In the post-GDPR world and as the sector delivers and transacts more online, it’s vital that we get a common view and understanding of cyber threats and their impact.
“The Law Society sees this report as a positive step to help our members spot vulnerabilities and put relevant safeguards and protections in place.”
To help firms further, the NCSC and industry partners have also launched a legal sector group on the free Cyber Information Sharing Platform.
Source: legalfutures
Latest Jobs
-
- Cloud Channel Manager
- London
- Up to £75,000 Base dependant on experience + Double OTE
-
A Cloud Channel Manager is needed for a Leading Cloud Service Provider in London due to increased customer demand. The Cloud Channel Manager will be primarily responsible for rebuilding & protecting current accounts and also new logo sales into the channel e.g. Value Added Resellers (VAR) / Managed Service Providers (MSP), SI etc. Requirements Current experience selling Cloud technology such as AWS / Azure into the channel Over achieved on sales targets. Long tenure (3/4 years+) in current and previous positions. Reference Number: PG7419
-
- Business Development Manager (Public Sector)
- London
- Up to £75,000 Basic + Double OTE (Commission is uncapped and subject to accelerators)
-
One of our clients who are a leading service provider in London are looking for a Public Sector focussed Business Development Manager. The Business Development Manager (Public Sector) will be selling from a portfolio of managed ICT services and cloud services to prospects within the public sector focusing on central government, healthcare, university’s The portfolio will cover flexible end to-end managed services, UC, cloud, hosting and SDWan. Preference will also be given to Business Development Manager (Public Sector) who satisfy the following criteria: Over achievement of new business sales targets 5 years of experience in selling at least two of these; managed services, UC, Azure, AWS, SDWAN etc. New Business Background is a must in central government, healthcare or universities In return you will be working for a company that is growing over 25% organically year on year with excellent sales support and a great senior leadership team. Reference Number: BD7410
-
- Google Cloud Architect
- London
- Up to £90.000 base plus bonus
-
We have a very urgent requirement for Google Cloud Architect for one of the reputed clients who are a fast growing GCP partner. The Google Cloud Architect will leverage Google Cloud technologies, designs, develops, and manages robust, secure, scalable, highly available, and dynamic solutions to drive business objectives. This will require all dimensions of cloud architecture including: Building, migrating and testing GCP environments and integration with other providers Build, design and implement scalable cloud-based web applications for PaaS, IaaS or SaaS. Provide thought leadership for cloud developer technology and collaborate with cross-functional engineering teams to streamline or improve adoption of Google Cloud Platform. This position will be located in London, United Kingdom. Unfortunately our client are unable to sponsor for this opportunity Reference Number: ES7411
-
- Solutions Consultant (Telecoms, SDWAN, IOT, WAN, Hosted services)
- Frankfurt
- Up to €90,000 plus car, bonus and benefits
-
Solutions Consultant is required to help lead a number of key client Migrations projects for this tier 1 Telecom company, the main role for the Solutions Consultant is helping customers migrate to new services, with a focusing on hosting (AWS, Azure) SDWAN and IOT You will be responsible for Post sales design documentation, implementation and migration of complex solutions for managed enterprise customers. Complex solutions consist of multi-product services. The TDA’s role is to ensure that these services interoperate and integrate into the customer environment. Such products consist of but not limited to MPLS, Ethernet, IPSec VPN’s, VoIP, Video Conferencing, Wireless, Internet, Private DSL, WAN Optimization, Managed Security Services, Managed Hosting, SDWAN and Complex Migration Planning. The TDA will own the technical delivery of customer solutions and will be the technical interface between the customer, product teams and project management during service delivery. Close engagement with pre-sales, technically validating solutions proposed are deliverable and all technical aspects are clearly defined prior to contract signature. The TDA accepts technical ownership of the solution at the point of contract signature. Lead customer facing technical workshops requiring excellent communication with the ability to articulate technical concepts clearly to all levels of competency. Providing support to 3rd line teams for OEM and design related faults. You will need to be at CCIE level (ideally CCIE R&S or SP ) with strong low level design and deployment skills, comfortable in front of customers and leading customer meeting Knowledge in SDWAN and Hosted services would be advantageous Reference Number: RA7413