CTS, a managed service provider (MSP) for law firms in the United Kingdom, is urgently investigating a cyberattack that has disrupted its services potentially leaving hundreds of British law firms unable to access their case management systems. The company announced on Friday that it was experiencing a service outage which has impacted a portion of the services we deliver to some of our clients, and confirmed the outage was caused by a cyber incident. The UK government is closely monitoring the company’s situation, according to a government spokesperson.
It is not known how many of the company’s clients are affected, although a report byToday’s Conveyancer estimated between 200 and 80 would be unable to access phone, emails, or case management systems.CTS said it was working closely with a leading global cyber forensics firm to help us with an urgent investigation into the incident and to assist us in service restoration. The company said it was confident it would be able to restore services but cautioned it could not give a timeline for full restoration, and pledged to communicate directly with the clients who were affected.
The hack comes just weeks after the British government failed to introuduce promised legislation that would have required MSPs to increase their cybersecurity protections. MSPs are an attractive and high value target for malicious threat actors, and can be used as staging points through which threat actors can compromise the clients of those managed services, the government warned when it announced the new laws.