You are here

Five global law firms hit by cybercrime in the UK this quarter

Attacks on law firms are up 40 per cent on last quarter

24 September 2015

Add comment

By Manju Manglani, Editor (@ManjuManglani)

Cybercrime attacks on law firms in England and Wales are rising rapidly, suggesting an alarming trend.

There have been 19 scam alerts issued by the Solicitors Regulation Authority (SRA) since the start of September, up 46 per cent on the previous month.

Thirteen scam alerts were issued in August, before which there were 17 alerts in July. In the previous quarter, there were 14 alerts in June, five in May and 16 in April.

The statistics to date for the current quarter represent a 40 per cent quarter-on-quarter increase in scam alerts.

The majority of the scams were phishing emails by fraudsters claiming to be from the firms and asking for bank account details or new funds.

Firms which were targeted for cybercrime this quarter include international law firms Clifford Chance, Berwin Leighton Paisner, Nabarro, Dechert and Bird & Bird.

Several other top-100 UK law firms were also subjected to scams, such as Hill Dickinson, Kingsley Napley and Browne Jacobson.

In early June, the SRA issued a warning that UK law firms were being increasingly targeted by cyber criminals. This was followed by a note in August about an email scam which targeted conveyancing firms.

However, the rise in attacks suggests that firms need to do more to protect their reputations and their clients or risk falling victim to fraudsters.

Commenting on the news, Nigel Wright, managing director of Converge TS, said: "As a matter of urgency, law firms should be reviewing their cybercrime prevention strategies and email security.

"Firms could be subject to reputational issues if clients and/or client information is affected as a result of cybercrime. They could also face reprimand by the SRA and the Information Commissioner's Office (ICO), with potential costs if they breach the SRA's strict Code of Conduct or the ICO's data protection rules."

The majority of data security breaches by UK law firms last year were caused by human error, according to the Information Commissioner's Office.

Clearly, training will need to be provided to lawyers and support staff on data protection to avoid further lapses.

"Scammers hope that their infiltration attempts will access people who are not necessarily familiar with your firm's policies and procedures," suggested Wright.

"So, with a little creativity, they can access systems and potentially take down your firm's IT."

Firms will also need strong technology defences against creative new cybercrime attacks on their reputations and client bases.

However, only 26 per cent of law firms plan to invest in new data security systems over the coming year and just over half have systems in place to monitor and manage such risks, Managing Partner’s research has found.




Categorised in:

Risk & Compliance Technology