Ransomware and other attacks on law firms have resulted in a number of incidents which have been publicised in the legal press, including an Information Commissioner’s Office (ICO) monetary penalty of £98,000 against a criminal legal aid firm, and successful applications for court orders against ‘persons unknown’. How much these will achieve in practice only time will tell, but they may help reduce the risk of publication in the press.

Lessons from the ICO case include the need to keep software patched up to date, use multifactor authentication (MFA), and encryption.

A report by information security service provider Tessian highlights an increase in phishing activity, and particularly involving emails relating to Ukraine.

Meanwhile, a report on Law.com, Ukraine-Russia Conflict Prep: 4 Ways Firms Should Strengthen Their Cybersecurity Efforts, gives some specific examples, citing Mark Sangster, chief of strategy at Adlumin. These include two cases where firms were exposed to ransomware through malicious links in documents –

  • Hackers posing as law students building relationships with law firm managing partners sending a link to a document purporting to be a survey;
  • A file share link in an email opened by a staff member because it was titled as the name of the case in which the firm acted, in-formation having been taken from public court documents and press coverage of the case.

A warning was given on receipt of unexpected MFA requests for sign on to online accounts, perhaps out of hours or from other countries: these should prompt a password change and informing the firm’s IT department.

Online purchases from services such as Amazon or eBay and streaming subscriptions were also highlighted as presenting risks.

We have previously encouraged firms to buy cyber insurance, though our March 2022 Risk Update posed the question of whether insurers might seek to rely on war and terrorism exclusions. We understand from insurance brokers that cyber cover is becoming significantly harder and more expensive for law firms to obtain, and may take time. One major insurer has ceased covering law firms. Early renewal is therefore essential – where possible.

‹ Back to Publications