Cybercrime against law firms reaches a new high

Tommy White profile image

Tommy White, Partner, Head of solicitors sector

Tommy is a partner and head of the firm's solicitors sector group.

Sept. 14, 2017


According to a recent report by the Solicitors Regulation Authority (SRA) law firms are being increasingly exposed to cyber theft – with property transactions being one of the fraudsters’ main target areas.

The SRA recorded a massive 137% increase in cyber thefts during the first quarter 2017 – more than double the amount of cases reported during the same period in 2016. According to the SRA’s report in July, the majority of money stolen belonged to clients but in some instances also concerned money that was stolen directly from the office bank account of the law firm concerned.

Unsurprisingly conveyancing and probate matters were a particular target area for fraudsters. Money used for house moves accounted for around half of the cases reported, with an 85% increase in theft of property deposits in 2016. Fraudsters also targeted money in relation to inheritance and probate monies and also law firms’ own money. The amount stolen directly from law firms is difficult to measure as legal practices are only obliged to report client losses, leaving many instances of other cybercrime unreported.

Cybercrime is of course, not a new risk area for legal firms and has been highlighted a number of times as a key area of focus particularly with regards to the protection of client monies. It was a leading topic in this year’s Legal Benchmarking Report by NatWest, which revealed that client money balances are typically 129% of annual billings, equivalent to about £2.3billion in the survey population.

The Benchmarking Report, which covered 269 firms employing 16,000 people and with fee income of up to £123m, also showed that on average 24% of firms have experienced a fraud related loss or cyber-attack in the past year. When the figures are broken down, 16% of firms that experienced a cyber-attack in the last 12 months were small firms, 31% were large firms and 28% were very large firms – which just goes to show that firms of all sizes are exposed to the threat.

Despite this increase in crime, prosecutions for cybercrime actually fell in 2016 due to a lack of specialist police resource. The UK only has around 250 specialist cybercrime officers and they were just too thinly stretched to cope with the demand. This makes it even more important for legal practices to be constantly developing their own in-house safeguarding techniques against online crime.

Unfortunately no law firm can assume they are safe from the crippling effects of cybercrime, but in such a technologically advanced environment putting the right safeguarding techniques in place, and ensuring staff within those firms are aware of the danger areas, will be key to mitigating the risk of an attack in the future.

Wilkins Kennedy offers a specialist service for law firms, including tailored seminars via the WK Lawprogramme. If you would like some advice relating to the running of your legal practice, please contact us for more information.

Related insights and events

Newsletter Sign-up