UK Law Firms at Increased Risk of Being Hacked

British law firms are at increased risk of being hacked due to a growing number of cybercrime-as-a-service groups, the country’s top cybersecurity agency warned in a new advisory.

See Also: OnDemand Webinar | Learn Why CISOs Are Embracing These Top ASM Use Cases Now

Law firms are particularly of interest to hackers as they handle highly sensitive data such as intellectual property, the U.K.’s National Cyber Security Center warned Thursday. As a result, the industry is witnessing a surge in attacks from hackers attempting to exfiltrate sensitive data for financial gains.

In some cases, hackers have been known to target organizations handling particular criminal cases to influence the legal outcome as well, the agency added.

An increasing number of these attacks are stemming from cybercrime-as-service groups that are now selling advanced hacking tools to other cybercriminals. This has resulted in novice crooks undertaking sophisticated attacks against legal firms, the agency said.

“Experienced attackers are increasingly selling their services to others, enabling even more criminals to target companies and individuals,” according to the NCSC. “They provide the products and the expertise to help novices deliver malware payloads or distributed denial of service as a service.”

The websites of most law firms contain vast amounts of information such as contact details for their senior staff, and the NCSC warned that hackers could use these details to craft phishing emails that appear to come from legitimate sources – to steal credentials or attempt payment fraud.

In 2022, threat group Crimson Kingsnake intercepted payments from several law firms through domain-spoofing attacks using false invoice emails.

The report also warns of ransomware and nation-sate attack threats to law firms. While ransomware gangs tend to target bigger organization to extort huge ransoms, nation-state groups – particularly campaigns from Iran, North Korea and China – are inclined to steal intellectual property, the report says.

It also says the legal sector is at increased risk of spyware campaigns akin to Pegasus that could snoop on civil rights lawyers or support espionage activities. Victims of such campaigns include Rodney Dixon, a prominent London-based human rights lawyer who was targeted with Pegasus in 2019.

The NCSC recommends backing up important files regularly and storing them offline as preventive measures against ransomware and other cyberthreats. It also recommends deploying multifactor authentication and ensuring least privilege access to guard against attacks.