
Ransomware Advice for Law Firms

Following a recent spate of ransomware incidents impacting firms in the criminal law sector, we are writing this article on behalf of the National Cyber Security Centre (NCSC) to highlight their advice, guidance, and services that are freely available to help you to protect your organisations. Please share this email with the person responsible for IT within your firm.

Law firms are an attractive target for cyber-attacks as they hold sensitive client information, handle significant funds and are a key enabler in commercial and business transactions.

Findings show the most significant cyber threats law firms face are phishing, ransomware, data breaches and supply chain compromise, and these often combine into a single attack. For example, a hostile actor might gain initial access to a target network via a phishing email, exfiltrate sensitive company data, and finally deploy destructive ransomware across the network, before attempting a so-called ‘double extortion’ against the victim: demanding payment both to decrypt the data and to not publish the stolen copy.

To help your organisation mitigate the threat, we encourage all firms to adopt a good password policy and, where possible, implement multi-factor authentication (MFA); to implement a proper patching regime so that known vulnerabilities are fixed promptly; and to back up your data securely, keeping at least one copy offline or otherwise out of reach of an attacker who is already on your network, and testing that it actually restores.

The NCSC now has a subscription centre where you can sign up to receive threat reports, news on digital loft events and more. You can opt out at any time, but we encourage you to remain subscribed in order for us to disseminate the most up to date information direct to your mailbox.

Please also feel free to share the link to the NCSC subscription centre with your colleagues and partner organisations, as we are keen to share information with as wide an audience as possible.

How NCSC can help protect you & your business

This guidance helps private & public sector organisations deal with the effects of malware (which includes ransomware). It provides actions to help organisations prevent a malware infection, and also steps to take if you’re already infected.

Early Warning is a free NCSC service designed to inform your organisation of potential cyber-attacks on your network as soon as possible. The service uses a variety of information feeds from the NCSC and from trusted public, commercial and closed sources, including several privileged feeds that are not available elsewhere. You can sign up to the Early Warning service here.

A free online tool that helps organisations find out how resilient they are to cyber-attacks and practise their response in a safe environment.

This guidance provides a multi-layered set of mitigations to improve your organisation’s resilience against phishing attacks, whilst minimising disruption to user productivity. The defences suggested in this guidance are also useful against other types of cyber attack, and will help your organisation become more resilient overall.

Poor passwords make you more vulnerable to a cyber-attack. Whilst not a password panacea, a passphrase of three random words is still better than enforcing arbitrary complexity requirements: it is long, memorable, and harder to guess than the predictable patterns users fall back on (a capitalised dictionary word, a digit and a symbol) when forced to satisfy complexity rules.
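To make the three-random-words point concrete, the following is an added example written for this page; it is not NCSC code or tooling. It generates a three-word passphrase with the operating system's CSPRNG and compares the entropy of such a passphrase against the entropy of the patterned password that complexity rules tend to produce. The wordlist below is a short constructed sample for illustration only, and the vocabulary and symbol sizes used to model a "Word1!" style password are assumptions, not measured figures.

```python
import math
import secrets

# Constructed sample wordlist for this example only. A real deployment would
# draw from a large published list (for instance a Diceware-style list of
# 7,776 words); the entropy figures below are computed for such a list size,
# not for this short sample.
SAMPLE_WORDS = [
    "apple", "bridge", "candle", "dolphin", "ember", "forest", "garnet",
    "harbour", "island", "jigsaw", "kettle", "lantern", "marble", "nettle",
    "orbit", "pebble", "quiver", "ribbon", "saddle", "timber", "umbrella",
    "violet", "walnut", "yonder", "zephyr", "anchor", "beacon", "copper",
]


def generate_passphrase(words, word_count=3, separator="-"):
    """Choose word_count words uniformly at random, with replacement, using the
    OS CSPRNG via the secrets module (random.choice is not suitable here)."""
    return separator.join(secrets.choice(words) for _ in range(word_count))


def passphrase_entropy_bits(wordlist_size, word_count):
    """Entropy in bits of a passphrase whose words are picked uniformly and
    independently from wordlist_size candidates: word_count * log2(size)."""
    return word_count * math.log2(wordlist_size)


def patterned_password_entropy_bits(vocab_size=10_000, digit_choices=10,
                                    symbol_choices=10):
    """Entropy of the predictable shape complexity rules push users towards:
    one dictionary word (capitalised), one digit and one symbol, e.g. 'Summer1!'.
    The vocabulary and symbol sizes are modelling assumptions for illustration."""
    return (math.log2(vocab_size)
            + math.log2(digit_choices)
            + math.log2(symbol_choices))


def seconds_to_exhaust(entropy_bits, guesses_per_second):
    """Worst-case time for an offline attacker to try every possibility."""
    return 2 ** entropy_bits / guesses_per_second


if __name__ == "__main__":
    # Assumed attacker rate for an offline attack on a fast hash (illustrative).
    rate = 1e10
    three_words = passphrase_entropy_bits(7776, 3)
    patterned = patterned_password_entropy_bits()
    print("sample passphrase:", generate_passphrase(SAMPLE_WORDS))
    print(f"three random words from 7,776: {three_words:.1f} bits, "
          f"{seconds_to_exhaust(three_words, rate):.0f} s to exhaust")
    print(f"'Word1!' style password:       {patterned:.1f} bits, "
          f"{seconds_to_exhaust(patterned, rate):.0f} s to exhaust")
```

The numbers are the point: three words drawn from a 7,776-word list give roughly 39 bits, whereas a capitalised word plus a digit and a symbol gives about 20 bits under the assumed model, so the "complex" password is exhausted about half a million times faster. In either case the passphrase should be generated, not chosen by the user, or the uniformity assumption behind the entropy figure no longer holds.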

To help firms further, the NCSC and industry partners have a ‘Legal Sector’ group on the free Cyber Security Information Sharing Partnership (CiSP). CiSP is a joint industry and government initiative set up to exchange cyber threat information in real time, in a secure, confidential and dynamic environment, increasing situational awareness and reducing the impact on UK business.

Contact us

Contact NCSC: Get in touch with us for general enquiries, feedback and requests for information.

Cyber Incident Signposting Service (CISS): NCSC’s streamlined service to direct you to the most appropriate agency to report a cyber incident to. This service is for businesses and organisations only.

Suspicious Email Reporting Service (SERS): discover how to report a potential phishing message.
