A cyberattack on CTS, a leading managed service provider (MSP) for law firms and other organizations in the UK legal sector, is behind a major outage impacting numerous law firms and home buyers in the country since Wednesday.
“We are experiencing a service outage which has impacted a portion of the services we deliver to some of our clients. The outage was caused by a cyber-incident,” the UK IT services provider said in a statement published on Friday.
“We are working closely with a leading global cyber forensics firm to help us with an urgent investigation into the incident and to assist us in service restoration.”
The company is working on bringing back online services impacted following the cyberattack. Still, it can’t provide a timeline for when the outage will be resolved and all affected systems restored.
CTS also provides customers with more detailed information on the outage and the measures it’s taking in response to the cyberattack via a dedicated communications list.
“Whilst we are confident that we will be able to restore services, we are unable to give a precise timeline for full restoration,” CTS added.
“We will continue to communicate directly with those of our clients which are impacted by the service outage, providing regular updates on the status of our work to restore services and our investigations into the incident.”
A spokesperson for the UK’s Information Commissioner’s Office (ICO) told BleepingComputer that CTS hasn’t yet reported a breach after the attack.
“We don’t appear to have received a breach report matching the one you described. As you’ll be aware, organisations have 72 hours from when they became aware of a breach to report to the ICO, and not all breaches need to be reported,” the ICO spokesperson said.
After the article was published, CTS Director of Marketing Natalie Kissack told BleepingComputer that the company had contacted the ICO.
Dozens of customers potentially affected
While CTS has yet to reveal the number of impacted customers or the nature of the attack, information shared so far points to a ransomware attack.
Local media reports that between 80 and 200 law firms could have been affected based on estimates shared by CTS clients.
Throughout the week, people have been unable to buy or sell properties due to outages, with no clear information on when the issue will be resolved.
O’Neil Patient, one of CTS’ clients, told Property Industry Eye that the outage “is impacting a number of organisations across the sector, as our provider is a specialist in secure legal systems for many law firms and barrister’s chambers.”
“There is no evidence to suggest that any data integrity has been compromised, and we will not be bringing our systems back online until we have all the assurances that it is safe to do so. This outage has unfortunately impacted our customers, particularly those who were due to complete on a new home,” O’Neil Patient added.
As an MSP, CTS also provides cyber protection services, including cyberattack detection and response, email and network security, and employee security awareness training.
The UK National Cyber Security Centre (NCSC) warned in January that using an MSP’s services increases the attack surface, especially since they’re a “juicy target” for attackers as they manage the resources of large numbers of customers.
“Publications from Microsoft and N-able highlight that this real threat uses techniques that are relatively unchanged from those documented by PWC in 2017, and is part of a trend that we expect to continue,” UK’s NCSC said.
“We would hope that such infrastructure is well-defended, and MSPs use different devices and accounts for administrative functions than are used for email and browsing the web.”
A CTS spokesperson declined to comment outside of the statement published on the company’s website.
Source: www.bleepingcomputer.com