HQ/EMEAFind out how we can help your business
A significant cyberattack has recently crippled CTS, a prominent IT service provider specialising in serving law firms across the UK, causing severe disruptions to vital services for numerous law firms and homebuyers.
The incident, which commenced on Wednesday, has left clients unable to conduct property transactions and raised concerns about the security of sensitive legal data.
In response to the cyber incident, CTS released a statement on Friday acknowledging the service outage and attributing it to the cyberattack. The company is actively working with cyber forensic experts to conduct an urgent investigation into the incident and facilitate the restoration of services. However, a specific timeline for resolution remains unknown.
Approximately 80 to 200 law firms, dependent on CTS for secure legal systems, may have been impacted by the cyber assault.
While the number of affected customers and the exact nature of the attack remain undisclosed, local media reports hint at the possibility of a ransomware attack.
The outage has hit property transactions hard, leaving people unable to buy or sell properties for the entire week. O’Neil Patient, a CTS client, highlighted the widespread impact on the sector, noting that systems will only be restored once safety assurances are secured to preserve data integrity.
Surprisingly, the Information Commissioner’s Office (ICO) had not received a breach report from CTS at the time of the statement. CTS later confirmed contacting the ICO, adhering to the mandatory 72-hour reporting window for data breaches.
As a managed service provider (MSP), CTS offers a range of cyber protection services, including attack detection and response, network security, and employee security awareness training. The UK’s National Cyber Security Centre (NCSC) had previously warned about the increased attack surface associated with MSPs, emphasising the need for robust defence measures.
The situation underscores the vulnerability of organisations, particularly those managing critical infrastructure, to cyber threats.
CTS clients await updates on the ongoing investigation and the anticipated restoration of services. The incident has prompted organisations to reevaluate and reinforce their cybersecurity measures amid the heightened risks of cyberattacks.
