The legal sector is in danger of a surge in cyber-attacks due to a sharp rise in staff using unsecured networks for work, according to new analysis.
Employees are increasingly using unsecured public Wi-Fi hotspots while working, leaving businesses “extremely vulnerable” to hackers, according to the Federation of Small Business and cyber security group Linten Technologies, who say cyber breaches are now “incredibly simple” to achieve.
“You are never far from an unsecured network – whether at a hotel, café, train station or airport,” said Robert Downes, FSB Development Manager for Greater Manchester.
“Combine that with remote working pushing more law service employees onto unsecured networks, and the concern is businesses across the UK are leaving themselves wide open to cybercrime.
Many employees just don’t realise just how risky public Wi-Fi access points are, but they are very easily hacked and make using them a no-no. The simple analogy I’ve heard from experts before is that if you found an open bottle of beer on the bar on a night out, you wouldn’t dream of drinking it just because it’s there. The same goes for free Wi-Fi.”
The legal sector is one of the most vulnerable and target industries, with a 2021 PwC survey finding that 90% of law firms view cyber risk as the “biggest threat to future growth ambitions”, while 48% of Top 100 UK firms expect to reduce their office footprint in the short to medium term. Meanwhile, the number of worldwide public Wi-Fi hotspots is expected to reach 628 million in 2023 – nearly one for every 10 people on the planet.
“The risk to law firms is huge,” says Steven Allan, CEO and founder of Linten Technologies. On how firms can reduce risk, he said:
“A staggering 95% of cybersecurity breaches are caused by human error. So, the first thing businesses need to do is educate employees about the dangers of unsecured networks.
We advise our clients that it is safer to hotspot from your phone using mobile data than join an unsecured network if you’re out and about.
Another simple security measure to adopt is multifactor authentication (MFA). This is vital for any good cyber security plan, yet only 46% of SMEs have implemented the technology.
Use a trusted Virtual Private Network (VPN) service. By using a VPN when you connect to a public Wi-Fi network, you’ll be encrypting all of your data that passes through the network.
The cost of being proactive and prepared is significantly cheaper than dealing with the aftermath of an attack.”
Data breaches cost SMEs an average of nearly £3.8m ($4.35m) per incident, according to a recent IBM Data Breach Report. Allan concluded with three more tips for firms and staff:
“Only visit websites with a HTTPS connection as this will ensure that you are browsing on trustworthy and secure website.
Turn off sharing on your device. This will ensure that the things you usually connect to or share on a secure network aren’t discoverable.
Ensure you have the relevant security infrastructure in place, such as an antivirus to ensure that you are protected against viruses and malware.”
One Response
Totally agree and I’m pretty confident firms are massively exposed to social engineering hacking like seen at Uber & Rockstar recently (and rumours are, a big law firm).
Remote working isn’t the issue. But firms lack of understanding on how to work safely remotely is.
Happy to share our best practices with any firm that needs help. After all, cyber security shouldn’t be a “trade secret” lol!