Professional Indemnity Risk Alert: Increase in Fraud and Cyber Crime
We have seen a recent rise in cyber crime targeted at law firms, specifically account takeover, identity fraud, and scams.
Although we recognise that this issue is not novel, we believe greater vigilance is required, as there has been a noticeable increase in activity reported to us in the last few weeks.
Examples of very recent law firm cyber attacks include:
- Global law firm (two incidents):
  - (1) Client’s email was hacked and the firm was fraudulently induced to pay monies to a fraudulent bank account.
  - (2) Firm sent a third-party invoice to the client for payment. The email was intercepted, account details changed, and the client was urged to make payment into a fraudulent bank account.
- UK law firm reported a £1.3 million property identity fraud – very similar in nature to Dreamvar versus Mishcon de Reya.
- UK law firm was tricked by a short series of scam emails into paying away almost £500,000 in proceeds of conveyancing to a fraudulent bank account.
In wider society, we are also seeing increasingly sophisticated cyber attacks against corporations and individuals.
An increase in cyber attacks has been predicted for some time based on the perception that remote working security and practices are weaker than office-based approaches.
Changes to Insurance Coverage
As a result of regulatory concern about the risk of insurer insolvency from unintentional cyber cover, insurers are looking to remove such non-mandatory coverage from traditionally broadly worded professional indemnity policies. We will be commenting on this further in our next Risk Dimensions newsletter.
Loss of client data and business interruption are high-severity, high-probability events that are already on the risk registers of many firms. However, we believe that firms should now re-think their approaches on the basis that the threat level has increased, and the mitigants available (such as insurance) may cost more, or not be available. Normal safeguarding routines should also be reviewed and exercised.
Immediate Actions
Raise awareness: Share this note and the resources below with your management group, and ask them to ensure their teams are all aware of the elevated risk.
Shrink the attack surface: One barrier that may help UK-based firms prevent some incidents is to disallow internet connections to any of the firm’s systems from IP addresses outside the UK. This is not always simple, but many security systems have basic settings that, by default, allow connections that are unnecessary for the normal operation of a UK-based firm. These settings can often be configured to prevent connections from ranges of IP addresses.
Bring forward plans: If security improvements and/or drills are scheduled for later in the year, bring them forward to now, if possible.
Check your insurance: Review your cover with your broker, particularly in relation to cover for theft.
Available resources on these issues include:
- COVID-19: Cybersecurity Checklist for Remote Working
- Fraud and Scams – How to Protect Your Business
- Dreamvar: The Final Chapter?
- Hybrid Working: Covid-19 and the Rise of Cyber Fraud
- QBE: Fraud Prevention Toolkit
- Cyber Security: Top 12 Tips to Protect Against a Cyber Attack
- Cyber Security: Social Engineering
- Cyber Attacks on Solicitors Firms and Cyber Insurance – The SRA’s Thematic Review on Cyber Security