Supply Chain Attack On British Law Firms

Uploaded on 2023-11-29 in FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

A specialist Managed Service Provider (MSP) for UK law firms is “urgently investigating” a cyber attack that has disrupted its services, potentially leaving hundreds of UK law firms and home buyers unable to access their case management systems.  The UK government is “closely monitoring the company’s situation,” according to a government spokesperson.

The firm, CTS, has said that it was “experiencing a service outage which has impacted a portion of the services we deliver to some of our clients,” and confirmed “the outage was caused by a cyber-incident.”

Industry journal Estate Agent Today has said that CTS was hacked through the CitrixBleed bug which US officials have warned is being used by both state-sponsored and cyber criminals. It is estimated that as many as 200 firms  were left unable to access phone, emails, or case management systems.

CTS said it was “working closely with a leading global cyber forensics firm to help us with an urgent investigation into the incident and to assist us in service restoration.” but could not give a timeline for “full restoration,” and promised to communicate directly with the clients who were affected. 

Leading UK-based law firms, including O’Neill Patient, Talbots Law and Taylor Rose MW, have issued statements informing customers that they are “currently experiencing service difficulties due to a technical outage affecting multiple organisations within the legal sector.”

This incident comes just a few weeks after the British government failed to introduce promised legislation that would require MSPs to increase their cybersecurity protections.

MSPs are “an attractive and high value target for malicious threat actors, and can be used as staging points through which threat actors can compromise the clients of those managed services,” the government had stated when it originally announced the legislation.

CTS:   Estate Agency Today:   Todays Conveyancer:    Infosecurity Magazine:   The Record:  

Bleeping Computer:

Image: Erik Mclean

You Might Also Read: 

Global Law Firm Breached & Data Stolen:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Spy Agencies Are Hiring Via LinkedIn
Attack On Denmark's Critical Infrastructure »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LogRhythm

LogRhythm

LogRhythm's security platform unifies SIEM, log management, network and endpoint monitoring, user behaviour analytics, security automation and advanced security analytics.

Redbud

Redbud

Redbud is a specialist search and recruitment firm for Information Security professionals.

Cyber Security Specialists

Cyber Security Specialists

Cyber Security Specialists Limited provide Security services across a wide range of markets, from multi-national Corporate Organisations and Government Agencies, through to smaller Businesses.

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI) is recognized as Thailand’s leader in cyber investigations and digital forensics.

Excelerate Systems

Excelerate Systems

Excelerate Systems is a leading provider of IT services with a focus on Big Data, Cloud Services and Security.

Bace Cybersecurity Institute (BCI)

Bace Cybersecurity Institute (BCI)

Bace Cybersecurity Institute focuses on understanding, empowering and taking action across four critical areas driving continual improvement toward a safer, more secure cyber world.

Blockchain Solutions

Blockchain Solutions

Blockchain Solutions Limited is a technological One Stop Solution provider, for Blockchain technology.

Technology Law Alliance (TLA)

Technology Law Alliance (TLA)

Technology Law Alliance is a specialist IT law firm focussed on the fields of technology, outsourcing and e-commerce.

Defendify

Defendify

We built Defendify to help small businesses navigate the cybersecurity landscape with cybersecurity that is dead simple, affordable, and works around the clock.

Vention

Vention

Vention (formerly iTechArt) is the partner of forward-thinking tech leaders around the globe.

Force Majeure

Force Majeure

Force Majeure specializes in cybersecurity, incident response, and digital forensics, with experience spanning more than a decade.

Hyperion Gray

Hyperion Gray

Hyperion Gray are a small research and development team focused on innovative work in a variety of areas including Software & Security Research, Penetration Testing, Incident Response, and Red Teaming

National Cybersecurity Consortium (NCC) - Canada

National Cybersecurity Consortium (NCC) - Canada

The NCC’s mandate is to keep Canada’s cyber and critical infrastructures and citizens safe while ensuring Canada’s global competitiveness and leadership in cybersecurity.

VinCSS

VinCSS

VinCSS Internet Security Services JSC is a leading organization working in the field of researching, developing, producing products as well as providing cyber security services.

SilverEdge Government Solutions

SilverEdge Government Solutions

SilverEdge is a next generation provider of innovative and proprietary cybersecurity, software, and intelligence solutions for the Defense and Intelligence Communities.

Visernic

Visernic

VISERNIC is a cyber security firm with a team of certified security experts dedicated to protecting organizations from evolving cyber threats.