Supply Chain Attack On British Law Firms

Uploaded on 2023-11-29 in FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

A specialist Managed Service Provider (MSP) for UK law firms is “urgently investigating” a cyber attack that has disrupted its services, potentially leaving hundreds of UK law firms and home buyers unable to access their case management systems.  The UK government is “closely monitoring the company’s situation,” according to a government spokesperson.

The firm, CTS, has said that it was “experiencing a service outage which has impacted a portion of the services we deliver to some of our clients,” and confirmed “the outage was caused by a cyber-incident.”

Industry journal Estate Agent Today has said that CTS was hacked through the CitrixBleed bug which US officials have warned is being used by both state-sponsored and cyber criminals. It is estimated that as many as 200 firms  were left unable to access phone, emails, or case management systems.

CTS said it was “working closely with a leading global cyber forensics firm to help us with an urgent investigation into the incident and to assist us in service restoration.” but could not give a timeline for “full restoration,” and promised to communicate directly with the clients who were affected. 

Leading UK-based law firms, including O’Neill Patient, Talbots Law and Taylor Rose MW, have issued statements informing customers that they are “currently experiencing service difficulties due to a technical outage affecting multiple organisations within the legal sector.”

This incident comes just a few weeks after the British government failed to introduce promised legislation that would require MSPs to increase their cybersecurity protections.

MSPs are “an attractive and high value target for malicious threat actors, and can be used as staging points through which threat actors can compromise the clients of those managed services,” the government had stated when it originally announced the legislation.

CTS:   Estate Agency Today:   Todays Conveyancer:    Infosecurity Magazine:   The Record:  

Bleeping Computer:

Image: Erik Mclean

You Might Also Read: 

Global Law Firm Breached & Data Stolen:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Spy Agencies Are Hiring Via LinkedIn
Attack On Denmark's Critical Infrastructure »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Tresorit

Tresorit

Tresorit helps teams to collaborate securely and easily by protecting their data with end-to-end encryption.

Bastille

Bastille

Bastille’s patented software and security sensors bring visibility to devices emitting radio signals (Wi-Fi, cellular, IoT) in your organization.

Seclab

Seclab

Seclab is an innovative player in the protection of industrial systems and critical infrastructure against sophisticated cyber attacks.

CERT Syria

CERT Syria

CERT Syria is the national Computer Emergency Response Team for Syria.

Myra Security

Myra Security

Myra technology monitors, analyzes, and filters malicious internet traffic before virtual attacks can do any real harm.

Echoworx

Echoworx

Echoworx primary and exclusive focus is providing organizations with secure email services.

CM Blockchain Security Center

CM Blockchain Security Center

We are dedicated to building a healthier blockchain ecosystem, providing solutions to security technology, and helping those who practice in the area of blockchain to get insight into industry trends.

CyVolve

CyVolve

Cyvolve is the next great leap forward in data security, ensuring constant encryption and pervasive control over all your data.

CyGlass

CyGlass

CyGlass simply and effectively identifies, detects, and responds to threats to your network without requiring any additional hardware, software, or people.

Prosperoware

Prosperoware

Prosperoware develop software for cybersecurity, privacy, and regulatory compliance for content systems, and financial matter management.

Wavex Technology

Wavex Technology

Wavex Technology is an award winning IT Services firm offering clients a secure and fully managed IT service.

National Cyber Safety and Security Standards (NCSSS) - India

National Cyber Safety and Security Standards (NCSSS) - India

National Cyber Safety and Security Standards has been started with a great vision to safeguard India from the current threats in the cyber space.

Rayzone Group

Rayzone Group

Rayzone Group offers a wide range of Cyber Security solutions and services, providing hollistic protection suitable for both enterprises and National cyber security centers.

MTI

MTI

MTI is a solutions and service provider, specialising in data & cyber security, datacentre modernisation, modern workplace, IT managed services and IT transformation services.

Trusted Security Solutions (TSS)

Trusted Security Solutions (TSS)

TSS are specialist in IT Security and providing Cybersecurity Solutions & Services combined with storage and backup.

Colt Technology Services

Colt Technology Services

Colt Technology Services (Colt) is a global digital infrastructure company which creates extraordinary connections to help businesses succeed.