Executive summary

A cyber attack on CTS, who are a leading IT provider for law firms, conveyancers, and others within the UK’s legal sector, has resulted in a significant outage across 80-200 UK law firms. This comes as major law firm Allen and Overy were removed from a ransomware website one day before the deadline.

What’s the risk to me or my business?

If you use or have previously used CTS as a provider, the confidentiality, integrity and availability of your data may be compromised. Some firms have already felt the impact, being left unable to work due to outages. At current, there is no indication as to when availability will resume.

What can I do?

Black Arrow recommends firms check whether they are using CTS or have used CTS as a provider. In addition, firms should also be extra vigilant when communicating with other UK law firms as their may be an increased risk of phishing.

Black Arrow offer a free, no-obligation, introductory consultation to help you gain an unbiased perspective on your current security approach could withstand an attacker. We help our clients to know the questions to ask of their external or internal IT provider, and how to leverage other security controls from existing resources.

Further information and guidance can be found here:

https://www.computing.co.uk/news/4150671/law-firm-service-provider-cts-hit-major-cyberattack

https://www.law.com/international-edition/2023/11/27/allen-overy-removed-from-ransomware-website-1-day-before-deadline/

Need help understanding your gaps, or just want some advice? Get in touch with us.

#threatalert #threatintelligence #cybersecurity