Fraud and Cybercrime vulnerabilities in the legal sector
Research into the risks impacting the top 200 law firms
The cyber landscape is becoming increasingly complex and keeping pace with the evolution of cyber threats is becoming challenging for law firms. This was evident in this year's Law Firm Benchmarking results which found that nearly half of all participants rated fraud and cybercrime as a business critical risk to their firm.
The fraud and cybercrime vulnerabilities in the legal sector report has been developed by Crowe, KYND and University of Portsmouth’s Centre for Counter Fraud Studies. It reveals that the vast majority of the top 200 law firms have significant unaddressed cyber risks setting a concerning precedent for all UK law firms and highlights the need for firms to take action to protect against cyber-attacks.
Key findings
 |
91% of firms analysed are exposed to having their website addresses spoofed. |
 |
80.5% of firms were running at least one server which a well-known vulnerability. |
 |
21% of firms were using out of date software putting them at a higher risk of attack. |
 |
23% of firms had at least one expired security certificate. |
 |
79% of firms had at least one domain registered to a personal email address. |
What actions should firms take?
If you are concerned the findings of this research relate to your firm, Crowe can provide the independent verification necessary to ensure your firm is protected.
We can help you to:
- obtain comprehensive insight into your firm’s cyber risk exposure
- address specific vulnerabilities in your externally facing IT infrastructure that could be exploited by hackers
- identify whether any of your firm’s email addresses have been compromised
- take actions to prevent exploitation of potential cyber risks.
