Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • NCSC urges legal firms to strengthen their cyber defences

Security

NCSC urges legal firms to strengthen their cyber defences

Legal firms have today been issued with the latest guidance and steps to take to combat the evolving cyber security threats the sector faces.

Above: To view the Cyber Threat to the Legal Sector report, click here .

The National Cyber Security Centre – which is part of GCHQ – has published its latest Cyber Threat to the Legal Sector report to highlight the potential threats to legal firms, from ransomware attacks by criminals to intellectual property theft by state actors.

Advertisement
Gulfstream RT

The report, which updates a previous iteration from 2018, looks to help UK law practices of all sizes and types of law be more resilient to the main methods of attack.

It warns how the widespread adoption of hybrid working, accelerated during the COVID-19 pandemic, has increased the risks online and how sensitive information and the sums of money firms often handle can make them particularly attractive targets to attackers.

The report also contains case studies which emphasise the severe impacts that incidents can have; for example, conveyancing firm Simplify Group was left unable to process house moves for weeks after an attack, which is reported to have cost the company £6.8 million.

Another firm, Tuckers Solicitors LLP, had data relating to 60 court cases stolen and leaked on the dark web after it fell victim to a ransomware attack.

NCSC CEO Lindy Cameron said: “The UK legal sector carries out essential work to uphold our society; however, we know the sensitive data legal firms handle can make them attractive targets to online attackers.

“With the cyber landscape constantly evolving, the NCSC has produced an up-to-date picture of the latest threats facing the sector, alongside advice and guidance designed to ensure the sector can stay secure.

“I urge all legal practices to follow the guidance in this report and take full advantage of the NCSC’s tools that it recommends to help increase their cyber resilience.”

The report has been produced with input from a range of industry experts and stakeholders, including the Law Society, the Bar Council, the Solicitors Regulation Authority, Action Fraud, National Crime Agency and the NCSC’s Industry 100 partners.

The Bar Council CEO Malcom Cree said: "This new report is both welcome and important. It provides extensive advice, information, and assistance to equip the legal sector with a better understanding of the challenges we all face. The report enables us all to reflect on the many challenges and focus on building better cyber security resilience in the legal sector.”

The Law Society President Lubna Shuja said: “It is vitally important that solicitors and law firms, whether large or small, are aware of the cyber threats they face and take steps to safeguard their systems. This new report from NCSC is a timely intervention that will be an essential resource for our members, providing information, practical guidance, and tools to help the legal sector protect the sensitive data it holds against cyber attack.”

The NCSC has a range of guidance and tools that organisations can access to improve their cyber security resilience, including the NCSC’s Active Cyber Defence (ACD) programme or the Cyber Essentials programme to secure a baseline of cyber security protections.

Advertisement
Gulfstream RT

Also, following a successful initial first year, smaller legal aid organisations can apply for free support with securing Cyber Essentials certification through the Funded Cyber Essentials Programme.

 

 

 

 


 

Advertisement
Babcock LB
Met makes arrest milestone using LFR

Security

Met makes arrest milestone using LFR

10 July 2025

More than 1,000 wanted criminals have now been arrested by the Metropolitan Police Service using Live Facial Recognition (LFR), including paedophiles, rapists and violent robbers.

NCA arrest four for cyber attacks on M&S, Co-op and Harrods

Security

NCA arrest four for cyber attacks on M&S, Co-op and Harrods

10 July 2025

Four people have been arrested in the UK this morning as part of a National Crime Agency (NCA) investigation into cyber attacks targeting M&S, Co-op and Harrods.

Metis to supply Skyperion to NATO ally

Defence Security

Metis to supply Skyperion to NATO ally

10 July 2025

Metis has won a contract to supply a number of Skyperion drone detection systems to a NATO customer to provide the drone detect function as part of an integrated Counter Uncrewed Air Systems (C-UAS) capability.

Serco appoints Keith Williams as Chair

Aerospace Defence Security Space

Serco appoints Keith Williams as Chair

4 July 2025

Serco has appointed Keith Williams to the Board as a Non-Executive Director and Chair designate.

Advertisement
Gulfstream RT
Boeing appoints Stephen Parker as CEO of BDS

Defence Security Space

Boeing appoints Stephen Parker as CEO of BDS

3 July 2025

Boeing has appointed Stephen (Steve) Parker as president and chief executive officer of its Defense, Space & Security (BDS) business, effective immediately.

Lancashire aims at advancing cyber-enabled defence and security

Defence Security Events

Lancashire aims at advancing cyber-enabled defence and security

3 July 2025

Over 200 senior business leaders, investors, policymakers and academics from across the UK gathered this week at the Lancashire Cyber Festival to discuss Lancashire’s opportunity to become a global leader in cyber-enabled defence and security.

Advertisement
Gulfstream RT