Threats Facing The Legal Sector In 2018

The National Cyber Security Centre (NCSC) recently released the “Cyber Threat to UK Legal Sector Report 2018” highlighting that the cyber threat to the UK legal sector is significant, with 60% of law firms reporting an information security incident in the last year.

The Solicitors Regulation Authority (SRA) reports that over £11 million of client money was stolen due to cybercrime in 2016-17 and it appears that the motive behind these cyber-attacks is principally financial. The sensitive client information and significant funds that law firms hold unfortunately makes them prime targets for cyber attackers. Many law firms are also moving to offer legal services digitally which will facilitate new opportunities for malicious cyber exploitation.

All too often cyber security is thought of as an IT issue rather than the strategic risk management issue it truly is. Failing to protect your highly sensitive client information could land your whole practice in jeopardy and ultimately risk your reputation.

The most significant threats to the legal sector


  • Most common cyber-attack affecting law firms with 80% reporting phishing attempts in the last year
  • Typically carried out via email but can also be conducted via text message, social media or by phone
  • Attackers influence users to do ‘the wrong thing,’ such as disclosing information or clicking a bad link
  • Both law firms and their clients can be targeted with cyber actors spoofing firm’s email address to make messages to clients more convincing
  • One of NCSC’s industry partners estimate that they receive over 11,500 phishing emails every month, across 5,000 staff


  • Make it difficult for attackers to reach your users
  • Educate users to identify and report suspected phishing emails
  • Protect your organisation from the effects of undetected phishing emails
  • Respond quickly to incidents
  • Implement processes to verify (via independent means) invoices and account details for money transfers
  • Using ‘cooling off’ periods for changing account details for high value transactions
  • Encourage a culture where suspicious transactions are queried and rushed or improperly validated payments are refused
  • Educate your clients about your firm’s invoice and money transfer process to help them avoid falling victim to a phishing attack


  • Loss of client information can have a devastating impact on a sector that has confidentiality at the heart of its business. Law firms with politically or commercially sensitive clients are particularly at risk of being targeted
  • In the two years to leading up to March 2018, eighteen law firms reported hacking attempts which were typically initiated by phishing
  • Law firms should be aware of the insider threat: both accidental and malicious as over half of all data breaches are caused by insiders


  • Manage security risks to personal data, utilising multi-factor authentication
  • Protect personal data against cyber attacks
  • Detect potential security incidents and monitor user access
  • Minimise the impact


  • A type of malware that prevents the victim from accessing files or data on their computer or network until a ransom has been paid, although paying the ransom does not guarantee that you will get access to your data/device
  • Email is the most common vector for ransomware with 80-90% of ransomware attacks come via this method
  • Designed to cause widespread business disruption


  • Keeping your software, and especially your operating system (OS) up to date, will greatly reduce the risk of malware infection
  • Carefully control what software and applications you choose to allow into the firm
  • Ensure your software is supported and includes a mechanism for patching and security vulnerabilities


  • These compromises have increased significantly – as much as 200% in 2017
  • A law firm’s supply chain can be compromised in various ways, for example, through the exploitation of third party data stores or software providers
  • The greatest issue is a third-party supplier failing to adequately secure the systems that hold your sensitive data


  • Check your arrangements with third-party suppliers, particularly those that hold your sensitive data and ensure that they have cyber security controls in place
  • Establish control
  • Continuously implement improvements

A look forward at cyber security

  • An increase in the use of artificial intelligence (AI). Around 40 of the 100 biggest UK law firms are already using AI systems on active files, four times the number from two years ago. This could be used maliciously to fool AI fraud checks or craft high quality phishing emails
  • Attackers will aim to exploit blockchain ledger architecture which is increasingly being used in law firms to record transactions made in cryptocurrency. Cyber attackers use routing and distributed denial of service (DDoS) to exploit any potential vulnerabilities
  • Remote working will extend the transit and storage of information to outside of the corporate infrastructure, typically over the internet. Organisations that do not establish sound remote working practises might be vulnerable to the risk of loss or theft of device, credential loss and device tampering
  • Even smaller firms can have significant funds in their client accounts therefore, it’s imperative to bear in mind that regardless of the size of the firm everyone needs to be cyber aware and resilient

How Mobliciti can help

The threat to legal firms of all sizes is increasing and it will continue to increase over the coming years as technology advances. Threats are both internal and external so ensuring you have staff who are fully informed and systems which allow detection and resolution on both computers and mobiles is imperative.

Get in touch with Mobliciti today to discover how we can help protect your firm.