Following a recent spate of ransomware incidents impacting firms in the criminal law sector, the National Cyber Security Centre (NCSC) is offering advice, guidance, and services that are freely available to help protect organisations.
Law firms are an attractive target for cyber-attacks as they hold sensitive client information, handle significant funds and are a key enabler in commercial and business transactions.
Findings show the most significant cyber threats law firms face include phishing, ransomware, data breaches and supply chain compromise. For example, a hostile actor might gain initial access to a target network via a phishing email, exfiltrate sensitive company data and finally drop destructive ransomware on to the network, before attempting a so-called ‘double extortion’ against the victim.
To help organisations mitigate the threat, we encourage all firms to adopt a good password policy and, if possible, implement multi-factor authentication; implement a proper patching regime; and back up data securely.
The NCSC now has a subscription centre where you can sign up to receive threat reports, news on digital loft events and more. You can opt out at any time, but we encourage you to remain subscribed in order to receive the most up-to-date information. Please also share the link to the NCSC subscription centre with colleagues and partner organisations, as the NCSC are keen to share information with as wide an audience as possible.
This guidance helps private and public sector organisations deal with the effects of malware (which includes ransomware). It provides actions to help organisations prevent a malware infection, and also steps to take if you’re already infected.
Early Warning is a free NCSC service designed to inform your organisation of potential cyber-attacks on your network as soon as possible. The service uses a variety of information feeds from the NCSC and from trusted public, commercial and closed sources, including several privileged feeds that are not available elsewhere. Sign up to the Early Warning service.
This guidance provides a multi-layered set of mitigations to improve your organisation’s resilience against phishing attacks, whilst minimising disruption to user productivity. The defences suggested in this guidance are also useful against other types of cyber-attack, and will help your organisation become more resilient overall.
To help firms further, the NCSC and industry partners have a ‘Legal Sector’ group on the free. CiSP is a joint industry and government initiative set up to exchange cyber threat information in real time, in a secure, confidential, and dynamic environment, increasing situational awareness and reducing the impact on UK business.
Discover how to report a potential phishing message.
Recommended Police services available to organisations
The Cyber Protect Network leads the law enforcement response of protecting the public from being targeted in a cyber-attack and empowering individuals and organisations to protect themselves. The Herts Cyber Protect Team, based at the Serious Fraud and Cyber Unit at Hertfordshire Constabulary and the Regional Organised Crime Group (ROCU) offer advice and guidance through a variety of free services such as staff training and cyber exercising. Contact Herts Cyber Protect for more information.
Police CyberAlarm: An award-winning free tool, provided by your local Police Force, to help your business or organisation monitor and report the suspicious cyber activity it faces. The service is made up of two parts: monitoring and vulnerability scanning. It will detect and provide regular reports of suspicious cyber activity, enabling your business or organisation to identify and take steps to minimise your vulnerabilities. Police CyberAlarm is a monitoring system and does not interfere with normal network operations. More information is available from Police CyberAlarm.
Cyber Resilience Centre (CRC): A police-led, not-for-profit Cyber Resilience Centre in every region in England and Wales to help businesses better protect themselves against cyber threats. Each CRC offers flexible membership packages to suit the needs of all businesses, with the Core Membership being free of charge.
If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call Action Fraud on 0300 123 2040 immediately. The service is available 24 hours a day, 7 days a week. A live attack is one that is ongoing, that is still affecting your system and your ability to work, and where there is an opportunity for law enforcement to stop the attack and/or secure evidence that will assist an investigation.
Reporting fraud or cybercrime to Action Fraud
You can report fraud or cybercrime to Action Fraud any time of the day or night using their online reporting tool. Reporting online to Action Fraud is quick and easy. The tool will guide you through simple questions to identify what has happened. You can also report to us by calling 0300 123 2040 Monday to Friday 8am - 8pm.