An article in a recent issue of the Economist describes how between the mid 60’s to 2008, tuning in to a particular shortwave frequency would hear a flutist playing a few bars followed by a sequence of numbers being read in a quintessentially English voice. They were coded messages from MI6 used to communicate to spies in the field. Whilst some were wound up at the end of the cold war, in many territories, they are making a comeback.
The reason behind their comeback is the view that modern tech is not safe and such things as mobile phones and aps have been hacked for some time. It is also suggested that conferencing software used by businesses (particularly during lockdown) is not secure and enables the tech provider to listen in and capture information. One of the conclusions of the article is to assume that every internet – connected device is compromised.
How that translates into the legal sector is both obvious and also sometimes opaque. The obvious corollary of tech use is that we are seeing a big uptick in identity fraud used to divert funds sent by law firms, and escape of confidential data.
The less obvious comes from a senior tech underwriter at a well known Insurer who, when asked about a legal sector services provider being hacked a few months ago, with consequent data breaches, pointed to the “aggregation risk” which Insurers consider when underwriting these types of businesses – that is the risk that if anything goes wrong with businesses which handle and store many millions of items of confidential information, the consequences of a mishap are far greater and more exponential than would otherwise be the case.
In addition, there is anecdotal evidence from a particular searches provider, that overlaying multiple electronic search products in some circumstances did not give a clear picture of services, mining and drainage risks, to the extent that they had in the past resorted to queuing at the local authority premises to view manual records.
The corollary of all of this is that the tech involved in the legal sector is often only as good as the people who use it, and many Insurance claims are still the result of someone clicking on and opening an infected e-mail from a fraudster.
It also introduces the added dimension of why the SRA want to take away responsibility for client money when the aggregation risk is currently spread across over 9,000 law firms, and where the alternative solution might be to route it through one or a small handful of external services providers, where a breach might be catastrophic.
It is of course possible to protect the firm against many of these risks and staying ahead of the potential for disaster. To find out how, get in touch with us on 0203 376 0990.
QPI – Quality Professionalism and Integrity