top of page
  • Writer's pictureJared Thompson

75% of Law firms have been the target of a cyber attack

When you’re working with a client to complete their new home, the last step is for the mortgage provider to release the funds. You’re informed that the money is coming, but nothing arrives. A cybercriminal has instead intercepted the funds, which are now in their bank account.

Legal firms handle large financial transactions and send and receive bundles of sensitive client information daily.

To control this volume of data, legal firms rely on digital technology and systems to carry out daily tasks, including online bank transfers, automated identity checks or simple emails from the firm to their clients.

A 2023 report by the National Cyber Security Centre (NCSC) states there are “over 230,000 solicitors and legal executives practising in the UK” - that’s a lot of professionals who routinely handle highly sensitive client information (for instance relating to ongoing criminal cases, or mergers and acquisitions) that may be valuable to criminal organisations with interest in exploiting opportunities for insider trading,

The report also states that the legal sector (all of the professionals stated above) are most likely to be targeted by Cyber Criminals (attackers whose motivation is their gain, usually financial), Insider Threats (staff members who either accidentally or intentionally harm a company, commonly through data theft/exfiltration), and Nation States (attackers whose motivation is through service to the state/nation/country, the NCSC states “Russia, Iran and North Korea have all been identified as using criminal actors for state ends”).

In addition to the NCSC, Cyfor Security reported that cyber attacks against law firms are rising, with 73 of the UK’s top 100 targeted, with the number of leading law firms experiencing an attack rising from 45% in 2018/19 to 73% in the most recent financial year.

The report also stated that attackers are not solely focusing on large multinational firms but on smaller firms. This is because the types of data held are the same and equally valuable; this data includes vast amounts of money, information and client data.

A report by the Solicitors Regulation Authority showed that 75% of Law firms have been the target of a cyber attack

The SRA showed 75% of Law firms have been the target of a cyber attack, with 23 of the 30 cases in which firms were directly targeted seeing more than £4m of client money stolen. The financial impact of a data loss is more difficult to calculate, but these often result in further indirect financial costs. For example, one firm lost around £150,000 worth of billable hours following an attack that disrupted its system.

Firms also report that attacks are not isolated incidents. Two large firms report being targeted hundreds of times yearly, although most of these attacks were unsuccessful.

Twenty-three firms informed law enforcement following their last cybercrime incident.

These included incidents where:

  • A client transferring £70,000 to a cybercriminal

  • A £70,000 bank transfer was made to a fraudster in an unrelated incident by a separate client

  • A solicitor transferred £340,000 to a fraudster

Cyber security is an issue for any process wholly or partially reliant on technology, including those facilitated online, via email or any computer or device.

Free Membership banner for law firms

How can the Cyber Resilience Centre help legal firms and financial sector businesses?

To help legal firms and financial sector businesses (like accountants) outsmart cybercriminals and toughen up their cyber security, the North West Cyber Resilience Centre has been established to provide businesses from all sectors and of all sizes with an affordable way to access cyber security services designed to help improve cyber resilience.

We offer a Premium Membership to medium-sized businesses; becoming a member will enable you to receive a welcome pack full of practical resources and tools designed to help you identify your risks and vulnerabilities and the steps you can take to increase your levels of protection. Whilst also giving your staff security awareness training and testing their knowledge through a phishing exercise.

This membership also has the advantage of our cyber risk exposure assessment; this service helps identify known vulnerabilities, misconfiguration, and outdated/obsolete service issues across any internet-facing service. Through your membership, you will also get regular updates on new threats designed to help you stay safer.

Does your Legal Firm have Cyber Essentials?

We work with a network of official Cyber Essentials providers (known as our Cyber Essentials Partners). These Cyber Essentials Partners can help you achieve the Cyber Essentials and Cyber Essentials Plus Certification. Cyber Essentials provides that first step in demonstrating cyber security without combing through complicated paperwork and jargon.

A Cyber Essentials certification covers the essential technical controls that will help prevent the most common commodity attacks.

The certification is broken down into five control areas:

  • Access Control looks at how businesses can ensure employees have the correct access levels for their roles and how access permissions should be monitored and checked regularly.

  • Secure Configuration looks at how businesses implement security measures when setting up or installing new computers and network devices to reduce unnecessary cyber vulnerabilities.

  • Software Updates are essential for effective cyber security. This control area examines how cybercriminals can exploit vulnerabilities exposed by out-of-date software. When a new update is released, attackers will quickly identify the underlying vulnerability in the application and release malware to exploit it.

  • Malware Protection looks at how businesses can help spot the signs of malicious activity and keep themselves out of the path of cybercriminals.

  • Firewall and Routers look at how a firewall provides a defence barrier between your network and the internet and how this is key in protecting your devices.


How can we support your business?

Phishing 292 x 219px.png

Raise your staff's awareness of phishing emails and guard your business against the growing trend of social-engineering threats.


Training your employees on what a phishing attack looks like makes them more likely to identify and report scams.

security awareness training.png

Our training package is designed and delivered by cyber experts giving you access to the most up-to-date information in an ever-changing cyber landscape.

You can purchase single-place training spots or a cyber security workshop.

Community Members

Our premium membership package is aimed at medium-sized businesses and includes bespoke security awareness training sessions.


This allows your business to train several cyber security champions and an assessment of your cyber risk. 

bottom of page