A cyber-attack on CTS, a prominent managed service provider (MSP) catering to law firms and various organisations in the UK legal sector, has resulted in a significant disruption affecting numerous law firms and homebuyers in the country since Wednesday.
In a statement released on Friday, the UK IT services provider acknowledged the situation, stating, "We're currently facing a service disruption that's affecting some of the services we provide to a portion of our clients. The disruption stems from a cyber incident."
"We are working closely with a leading global cyber forensics firm to help us with an urgent investigation into the incident and to assist us in service restoration."
The company is actively working to restore online services that were impacted by the cyber-attack. However, it cannot provide a specific timeline for resolving the outage and fully restoring all affected systems.
To keep customers informed, CTS is sharing more detailed information about the outage and the actions taken in response to the cyber-attack through a dedicated communications list.
While expressing confidence in the ability to restore services, CTS clarified, "We are currently unable to offer a precise timeline for full restoration." The company emphasised ongoing direct communication with impacted clients, providing regular updates on service restoration progress and investigations into the incident.
In response to inquiries, a spokesperson from the UK's Information Commissioner's Office (ICO) states that CTS has not yet reported a breach following the cyber-attack. The spokesperson stated, "We haven't received a breach report matching the one you described. As you know, organisations have 72 hours from awareness of a breach to report to the ICO, and not all breaches are required to be reported."
After the publication of the article, CTS Director of Marketing Natalie Kissack stated that the company had since contacted the ICO.
Numerous customers affected
The exact count of affected customers and details about the attack remain undisclosed by CTS at this time. However, the information disclosed so far strongly indicates the occurrence of a ransomware attack, with potentially dozens of customers impacted.
According to reports, an estimated 80 to 200 law firms may have been affected, based on information provided by CTS clients. This has led to disruptions throughout the week, particularly in property transactions, with no clear timeline for resolution.
O'Neil Patient, a client of CTS, highlighted the widespread impact, stating, "The outage is affecting numerous organisations across the sector, as our provider specialises in secure legal systems for many law firms and barrister's chambers." Despite no evidence of compromised data integrity, O'Neil Patient emphasised that systems would not be brought back online until safety assurances were obtained.
CTS, functioning as a Managed Service Provider (MSP), offers cyber protection services, encompassing cyber-attack detection and response, email and network security.
At Cybaverse, we go one step further offering a 360 degree approach to Cyber Security whereby we provide you with the most comprehensive cyber security solutions in the UK. As a one stop shop for every angle of security, we will provide offensive & defensive operations as well as staff training and awareness.
To find out more, head to our MSSP 360 service page.
