£11 million stolen from clients of Legal Firms in the last 12 months
A National Cyber Security Centre report finds that legal companies are the top target for cyber-attacks, highlighting the importance of cyber defence strategies.
With 60% of legal firms reporting cyber-attacks in the last 12 months, this appears to have had a knock-on effect with £11m stolen from clients by cyber criminals.
As part of the National Cyber Security Centre’s (NCSC) mission to raise the cyber maturity and resilience of law firms they collaborated with the industry, the legal sector and law enforcement. This is the first report into the vulnerability of legal firms to cyber-attacks and is aiming at encouraging industry-wide adoption of cyber security best practice.
“Like all businesses, law firms are increasingly reliant on IT and technology and are falling victim to a range of malicious cyber activity,” wrote Ciaran Martin, CEO of the NCSC, in the foreword to the report.
“Losing access to this technology, having funds stolen or suffering a data breach through a cyber-attack can be devastating, both financially and reputationally, not only for the firm but also its clients.”
The report highlighted the need for legal firms to take a stronger approach to this matter. “Cyber security is all too often thought of as an IT issue, rather than the strategic risk management issue it actually is,” warning legal firms that they put the whole industry in jeopardy if they do not protect the highly sensitive information they are dealing with.
According to the report, the most significant cyber threat to law firms in phishing, data breaches, and ransomware. It also highlighted the reasons law firms maybe more liable to attack due to the sensitive nature of both subject matters and the clients they deal with.
Financial gain is a key factor for hackers who are looking to gain more than gratification from their attacks. With legal firms working as a mediator between companies and handling large sums on money, it is no wonder that the industry is being targeted.
Here at Xenace we believe that education of employees is the best line of defence when it comes to phishing attacks. To find out more about our Phishing Education products, or how else we can help you to provide a more secure IT system, Get in Touch.