mySRA Contact us
  2. About us
  3. News and events
  4. The threat of cybercrime

The threat of cybercrime

News

17 September 2020

With Covid-19 meaning many law firm employees are now working remotely and carrying out both personal and business affairs online, a new report has highlighted the need to remain extra vigilant over the threat posed by cybercriminals.

Our Cybercrime Thematic Review took an in-depth look at 40 incidents of cybercrime reported by law firms over a three-year period. While not all resulted in financial loss, the cases reviewed did collectively see more than £4million stolen by criminals.

The review found that law firms and legal transactions were still a common target for cybercriminals. Two of the larger firms visited reported that they were targeted by hundreds of different cyberattacks every year.

Most of the firms visited said they were aware of the dangers posed by cybercrime and felt that the most important factor in defending against it was the knowledge and behaviours of their staff. Despite this, we still found that only around two-thirds of staff in the firms visited claimed to be ‘knowledgeable’ about cybersecurity and IT issues, with some senior figures even unable to answer basic questions about terminology.

Although human error was identified as their biggest risk, more than a quarter of firms visited did not have adequate cybersecurity policies and controls in place, while a fifth did not provide specific training on IT and cybersecurity.

Other worrying practices included:

  • More than half of firms allowed external USB sticks to be plugged into company devices
  • Two firms were using out-of-date Windows operating systems, with a further 16 using systems soon to become unsupported
  • Firms did not necessarily report/know when they had to report incidences of data theft to the Information Commissioner’s Office

You can read the review here: Go to the thematic review

We will be holding a webinar on the review next Wednesday, 23 September. Further information is here: Go to the webinar page

Because of the increased home working and potential, we published dedicated Covid-19-themed cyber security advice in April. The National Crime Agency reported a 400 per cent increase in cybercrime attacks in the first two weeks of lockdown alone.

Top