
Legal Profession: Firms turning to cyber insurance as scammer attacks continue to rise

The proportion of law firms targeted by scammers has risen sharply over the last year, especially among larger firms, as has the number of practices taking out cyber-insurance, according to new research from the Law Society.

The Law Society Survey of 601 sole practitioners and firms with between two and 25 partners was commissioned for its annual review of the previous indemnity insurance round.

26% of firms said they were targeted by scammers in the previous year. This figure increases as firms get larger, to 50% of firms with 5-10 partners (up from 34% in 2016) and 64% of firms with 11-25 partners (up from 44% in 2016).

The most common forms of scam were spam emails/phishing. Others included malware/computer viruses, cyber attacks, telephone calls/vishing and invoice fraud.

The two main responses were taking internal action (such as increased cyber security training and additional checks, balances and reminders) and updating existing security systems.

Firms contacted the police in 19% of all cases.

Approximately 42% of firms surveyed with 5-10 and 11-25 partners now have cyber insurance in place – and almost all of the others have at least considered it – although the figures fall for smaller firms.

We are interested in hearing from you about your cyber insurance experience. Are you looking to take out cyber insurance for your business? Or, if you already have cyber insurance, has your experience been a positive or negative one?


Internet Of Things – Household appliances vulnerable to hackers

An article in the Daily Telegraph today highlights the potential Cyber and Data risks that are inherent in certain “smart” household appliances.

Mike Barton, the Chief Constable of Durham Police and the national lead on crime operations, has warned that consumers who purchase internet-enabled devices such as televisions, refrigerators, “intelligent” children’s toys and even toasters(!) are leaving themselves susceptible to hackers who could use them to gain access to home wi-fi systems and ultimately sensitive banking and financial information such as bank accounts.

Mr Barton stated that criminals were “poised to take advantage of flaws in online security” and suggested that all appliances capable of connecting to the internet should carry a kitemark rating showing how secure they are.


Almost 60% of Scottish Councils Hit by Cyber Attacks

An investigation by The Scotsman has revealed that almost 60 per cent of Scottish councils and more than half of Scotland’s health boards have been targeted by cyber criminals since 2014. Nine universities and numerous government bodies have also been hit during the last three years, the investigation found.

Some local authorities reported being bombarded with thousands of spam emails and receiving ransom demands to decrypt data.

Freedom of Information requests showed 19 of Scotland’s 32 councils experienced either attempted or successful attacks since 2014.

Ransomware attacks were reported by 14 local authorities, sometimes on multiple occasions.

Four councils refused to reveal any information, with two fearing doing so would leave them vulnerable to future attacks.

Of the incidents logged by 19 councils, only nine authorities reported any of them to police, although no data was stolen or lost.

The investigation revealed Scottish local authorities were subject to more than 50 notable incidents in the past three financial years, with Aberdeen City Council one of the hardest hit (between 2014 and 2017, it suffered 12 successful cyber attacks, including six ransomware incidents, had its webpage defaced and recorded more than 15 million attempts, including intrusion threats, spam, web risks and viruses, in the last eight months of 2016).

Other Statistics:

  • Highland Council targeted 953 times (including two partially-successful ransomware attacks)
  • East Lothian Council received more than 415,000 unsuccessful spam emails
  • Perth and Kinross Council reported blocking an average of 1.2 million spam emails every month
  • Falkirk, Glasgow City, North Ayrshire and Dumfries and Galloway councils refused to disclose any details
  • Dundee City Council was on the receiving end of three ransomware attacks
  • North Lanarkshire Council had two malware incidents in 2015 and three ransomware in 2016
  • Edinburgh City Council reported nine incidents, including malware preventing access to systems, a sustained denial of service (DDoS) attack, and malware being installed and copied
  • 11 of Scotland’s health boards were affected by the WannaCry attack in May which affected the NHS network across the UK
  • NHS Fife logged 693 attempted malware attacks
  • NHS Lanarkshire reported 51 attempted or successful attacks
  • NHS Greater Glasgow and Clyde was subject to four cyber breaches in 2016, where files became inaccessible after being encrypted by ransomware. In all cases, data was recovered and the ransom was not paid
  • NHS Tayside reported up to 7,000 attempts every month including ransomware
  • Dumfries and Galloway, Shetland and the Borders health boards said they had no attempted cyber attacks. No board reported losing data.

In the overwhelming majority of cases the breach affected limited areas of the public body’s network, with swift action taken to contain and repair systems and no patient data lost or compromised. The fact that a wide range of measures are taken to ensure basic security standards are met means that losses and fallout are mitigated.

A spokesman for local authority umbrella body Cosla said: “We fully recognise how important our cyber security is and we are doing everything we can to safeguard councils against such attacks.”

Detective Inspector Eamonn Keane from Police Scotland’s cyber crime unit, added: “Cyber crime has witnessed significant growth. The cyber threat to Scotland is indicative of that local, national and international threat applicable to all regions in the UK. We always encourage anyone who thinks they’ve been a victim of cybercrime to come forward and report it to police.”

We at Cyber Security Helpdesk would always agree with this best practice advice. We would also suggest that following a Cyber Attack the appropriate personnel and partners are enlisted to (a) fight the attack, (b) repair systems, (c) ensure that business continues as normal.


Cybercrime Failure Costly

In today’s news, the National Audit Office has criticised police, the government and banks for failing to tackle cybercrime after it was revealed just one in 150 police officers is dedicated to investigating cyberfraud.

The NAO says the cost to the economy as a whole was £144bn last year.

Sir Amyas Morse, head of the National Audit Office, said: “For too long, as a low-value but high-volume crime, online fraud has been over-looked by government, law enforcement and industry. It is now the most commonly experienced crime in England and Wales and demands an urgent response.”


Legal Profession: Beware of ‘Friday afternoon fraud’ risk

Over the past year, we have noticed a rise in the number of law firms being tricked into giving bank details to fraudsters in so-called ‘Friday afternoon scams’.

The Solicitors Regulation Authority (SRA) confirms that it is a growing problem and itself continues to receive regular reports of scammers stealing from firms despite repeated warnings to professionals not to disclose sensitive details.

Criminals tend to target conveyancing firms with large amounts of money in client accounts and are increasingly sophisticated in how they persuade people to release information.

Instances of so-called ‘Friday afternoon fraud’ are of huge concern to solicitors and their insurers, and with the average house price nearing the £300,000 mark, it is easy to see why such frauds have such a potential impact on a firm’s claims record.

These “Friday Afternoon Frauds” appear to follow a particular pattern. They are calculated and highly sophisticated, employing legal industry experience, banking industry experience, (usually) a well financed setup (taking place in what appears to be a call centre established for this purpose), psychology of the firm’s staff and a discreet knowledge of a specific firm’s financial or client details.

They typically take place on a Friday afternoon (hence the name!), starting with a telephone call to the firm’s accounts department or FD, purporting to be from the fraud unit of its own bank. The caller is able to provide (apparently by hacking the firm’s online banking access) details of the genuine transactions made that day, thereby giving the impression of legitimacy. This is also known as a “Vishing” scam. The fraudster will claim that suspicious transactions have been made from the account and that it has been frozen, and will offer the firm assistance with any urgent payments that it needs to make in the meantime. The firm will be required to provide its online bank details, which the caller then quickly uses to defraud the firm with individual payments typically being for slightly less than £100,000, to avoid detection for as long as possible, and where multiple payments are made they will be for differing amounts, in order to avoid raising the bank’s suspicion.

Once each payment is made it is quickly transferred to other accounts and often moved out of the jurisdiction. As these payments are usually made on a Friday afternoon and may not be discovered until the following Monday, catching the criminals by chasing the flow of funds can be next to impossible as they will have long since been dissipated. Many scams also occur either side of the Christmas break, taking advantage of the holiday period.

Other examples of online fraud committed against law firms are “phishing” scams, where a fraudster may hack into a client’s email account, or that of another third party involved in the transaction such as a mortgage broker, and direct a solicitor or client to transfer proceeds from their sale to a different bank account. Alternatively, a solicitor’s own email account or server may be hacked or impersonated so that clients are directed to send monies to accounts other than the solicitor’s client account. The hacking can occur from something as simple as a predictable password being used by a firm employee, a lack of robust authentication to log in to a firm’s systems, or malware (malicious software) being unwittingly downloaded from, for example, an unsolicited email, giving the perpetrators the ability to intercept communications and attempt to hijack money from client accounts.

The SRA has confirmed that law firms and clients have been the victims of scams and schemes totalling millions.

We would advise firms to take the following basic precautions:

  1. Never reveal banking security information over the telephone, even if the caller appears to be genuine and to have knowledge of your account. Independently validate callers by contacting somebody they already know at the bank, preferably using a separate telephone line, for example a mobile. (There have been examples of scammers keeping the line open to intercept any follow-on call to check.)
  2. Employ two-factor authentication on any remote access and ensure all user passwords are both sufficiently difficult to predict and changed regularly.
  3. Always confirm bank details with clients by telephone or in person.
  4. Ensure that all Cyber or Data Warnings to clients are prominently displayed on ALL email correspondence, paper correspondence and repeated by telephone during the course of a matter.
  5. Circulate this advice to all staff, so they are aware of the issue. Ensure staff understand these risks and have undergone cyber and data security training.
  6. Respond swiftly. If you suspect or become aware that you have been a victim of such fraud, contact your bank and broker or insurer as soon as possible. The quicker action is taken, the greater the chances of recovering the money taken.

The potential losses (and consequently the financial, reputational and regulatory impact on the firm) are significant and a number of firms have already been affected, so management and staff should be advised to remain vigilant.

Should you require any assistance with Cyber or Data breaches, contact us to discuss our incident response service. As one of the UK’s leading integrated incident response service providers, we can advise on technical, legal, regulatory and reputational matters.