Cyber attack on IT service provider CTS disrupts over 80 UK law firms, hindering legal services and real estate transactions
Last Wednesday’s cyberattack on CTS, a prominent UK-based provider of managed IT services for law firms and the professional services industry, continued to cause widespread disruption this week.
The attack specifically impacted cloud hosting and solutions for legal entities in the UK and Ireland, leading to significant operational challenges for law firms specialising in real estate.
Between 80 to 200 UK law firms have been affected with the attack resulting in a major outage, hindering the ability of these firms to access their case files and conduct normal operations. This disruption has had a notable impact on real estate transactions, as many of these law firms are involved in conveyancing and other property-related legal services.
The incident at CTS highlights the vulnerability of legal firms to cyber threats and underscores the critical nature of cyber security in the legal sector. It has caused significant operational challenges and delays in service provision, affecting numerous organisations within the legal sector. Close to 80 law firms reported being unable to access their case files since the incident occurred, leading to delayed or disrupted legal services.
The full extent of the impact on law firms and their clients is still unfolding.
Cyberattack on KyberSwap leads to $54.7 million cryptocurrency heist
KyberSwap, a decentralised exchange protocol, revealed that it experienced a significant cyberattack on November 22, 2023, resulting in the loss of nearly $54.7 million in cryptocurrency.
The attack was executed through a complex series of exploitative swaps, which enabled the unauthorised withdrawal of user funds. This event underscores the vulnerability of cryptocurrency platforms to targeted cyberattacks, and highlights the challenges in securing digital assets in the burgeoning field of decentralised finance DeFi.
In the wake of the attack, KyberSwap's team urgently advised its users to withdraw their funds. The company is actively attempting to recover the stolen assets. This cyberattack not only represents a significant financial loss but also casts a spotlight on the ongoing security concerns within the cryptocurrency industry, particularly for decentralised platforms.
Kyber Network, the entity behind KyberSwap, acknowledged the severity of the hack, noting that the loss of more than $54.7 million in digital assets stands out in the history of cryptocurrency exploits. The incident has raised concerns about the robustness of security measures in place at cryptocurrency exchanges and the need for enhanced protections against sophisticated cyber threats.
UK NCSC and US CISA launch joint guidelines for strengthening cyber security in AI system development
The UK National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA) released ‘Guidelines for Secure AI System Development’ this week. The move marks a significant advancement in addressing the interplay between artificial intelligence (AI) and cyber security with the guidelines aimed at assisting developers throughout the AI system development process, ensuring that security is a fundamental aspect.
The guidelines emphasise the secure operation and maintenance of AI systems, particularly focusing on the stages following deployment. This includes logging and monitoring, update management, and information sharing. Adhering to the 'secure by default' principle. The NCSC stated that the guidelines strive to incorporate security at every stage of an AI system's lifecycle.
This collaboration extends to other international partners as well, reinforcing the goal of creating AI systems that are safe, secure, and trustworthy. By integrating 'secure by design' principles, the guidelines advocate for a comprehensive approach to cyber security in the development, deployment, and operation of AI systems.
Japan's Space Agency reports unauthorised access
The Japan Aerospace Exploration Agency (JAXA) reported that it had experienced a cyber incident on Wednesday, with unauthorised access to its network server being highly likely. The government announced the security breach, noting that sensitive information did not appear to have been stolen in the incident. The cyberattack, has raised concerns about the potential access to sensitive space-related technologies.
Government spokesman Hirokazu Matsuno confirmed that JAXA reported the possibility of unauthorized access to its central server, which controls the agency's intranet. The nature and extent of the penetration by the attackers remains unclear, but it has highlighted the vulnerabilities within the organisation's cyber security infrastructure.
Following the cyberattack, a spokesperson from JAXA reassured the public that no sensitive data linked to satellite or rocket operations had been compromised.
The incident underscores the growing cyber security challenges faced by space agencies globally and highlights the need for robust security measures to protect sensitive information and infrastructure in the space exploration and technology fields.
