Cybercrime is becoming more profitable than ever before meaning that sensitive organisations, such as barristers’ chambers, are at risk. To keep your organisation safe from cyber-attacks, it is of utmost importance to be aware of the risks and take the necessary steps to mitigate them.
Mark Wilshaw, Cyber Security Services Manager at SYTECH, the digital forensics and cyber security expert, shares an insight into some of the biggest threats that a barrister’s chamber faces today and how cyber security monitoring tools can be utilised to protect.
Confidentiality
One of the most significant cyber risks for barristers’ chambers is that a cyber breach could result in a violation of client confidentiality. Cybercriminals are very aware that barristers often handle sensitive client information and unfortunately, this therefore makes them an ideal target. For example, the cybercriminal could be trying to obtain details about a criminal case on behalf of someone involved, or in a civil matter they could be a hacker enlisted to eradicate evidence, or a disgruntled employee. These data breaches could have severe consequences for the company, not only will you face reputational damage and a loss of client trust but, there might also be legal repercussions, or a substantial fine issued by the Information Commissioners’ Office.
Furthermore, with a large volume of different devices present at different times, and the way in which data is shared and presented, there are enhanced vulnerabilities and opportunities for viruses to enter the system.
Thankfully, there are many ways to defend your barristers’ chambers. It’s worthwhile implementing encryption and secure data storage, along with data access controls. Taking into consideration how vital confidentiality is in legal practices, working with an external company with legal cyber security experience is the right course of action.
Ransomware
Given the importance of legal data, barristers’ chambers are an incredibly attractive target for cybercriminals. The fundamentals of ransomware are quite simple; cybercriminals trick someone into opening a malware file, and once the file is open, it applies unbreakable encryption to the system’s files. The only way to get the files back is by inputting a decryption key that only the ransomware attacker can provide. Generally, the only way to get this key is by paying a cash ransom to the attackers. Naturally, this puts barristers’ chambers in a difficult position. While you need to safeguard your data, you also can’t negotiate with criminals.
Ransomware attacks can lead to significant downtime and financial losses. To protect against this form of attack, it’s vital to have a robust file backup system that keeps multiple copies of essential files. With this kind of system in place, the ransomware attack is useless. You can simply revert to one of your backup files without worrying about negotiating with the criminals.
Phishing Attacks
Phishing attacks are still a common type of cyberattack. They involve tricking someone into inputting their login credentials into a fake (but convincing) website, with the criminals often creating a false login page for the organisation they are targeting. Generally, they trick the victims into using this fake login page by impersonating a trusted individual.
Phishing attacks are frequently used as a stepping stone towards another attack. Having login information may give criminals access to all of your internal cyber systems. Sometimes, cybercriminals cast a wide net and try phishing techniques on a large number of people at once. On the other hand, they’ll sometimes target specific people or organisations. Barristers’ chambers can make an attractive target for this kind of attack because of the sensitive data they handle.
Notably however, there are steps that can be taken against phishing attacks. One of the main and most effective defence mechanisms is having a multifactor authentication login system, this is when you’ll need to confirm your identity using a second device whenever you log in. For example, you might log in via a website, and you’ll receive a code on your mobile phone. A cybercriminal would then need to compromise your phone as well if they wanted to breach your systems.
You can also help to prevent phishing attacks through staff awareness training. Phishing scams often have telltale signs you can easily spot (if you know what to look for) for example, fake login sites often use misspellings of the original URL.
Software Exploits
Some of the most devastating cyber attacks in history have happened because attackers were able to exploit security holes in software. Legal organisations such as barristers’ chambers need to ensure they only use secure software although, this can be a challenge as cybercriminals frequently identify new weaknesses in software they can exploit. Good software vendors work to identify these problems and release a security patch to fix the issue. To stay safe from software exploits, it’s imperative to ensure that you always keep your software up to date.
It is also important to work with software companies that take security seriously. In addition, a cyber security monitoring company could alert you to any software exploits that could potentially impact your organisation.
Cyber Security Monitoring and Prevention Tools
To stay on top of any potential cyber threats, it’s important to have the right safeguards in place and there are many cyber security monitoring tools available that can play a significant part in helping you to be aware of the possible threats to your organisation; think prevention, rather than recovery.
Technology such as Security Information and Event Management tools will continuously monitor all activity on each workstation on the system, whether that be devices in the office or remotely working from home.
Furthermore, there are tests that can also be undertaken to determine how vulnerable a system is, either through a standard vulnerability assessment which performs an overall scan for any clear vulnerabilities, or a more robust penetration test. Generally, dependent on budget, it is recommended that a vulnerability assessment should be performed monthly or quarterly, and a penetration test every 6-12 months.
A penetration test is comprehensive and will manually test the effectiveness of existing security measures whilst identifying gaps and vulnerabilities. At SYTECH for example, we use penetration testing to stage a simulated cyber attack against the systems. It’s a highly effective way of exposing areas of weakness with the potential to be exploited. Our security specialists will then use the information from this test to inform the next steps for the business to protect sensitive information and ensure compliance.
With cyber attack methods evolving as fast as technology, it’s vital to be one step ahead with security measures. Another way to provide reassurance to clients and have confidence in your systems is with Cyber Essentials certification. Cyber Essentials is a Government-backed, industry-supported scheme developed to assist organisations in protecting themselves against the most common online threats, and in evidencing their commitment to cybersecurity and the protection of customer data.
Mark Wilshaw, Cyber Security Services Manager at SYTECH,
