UK Bar Council and Bar Standards Board left reeling from malicious cyber attack

The UK Law Gazette reports

IT systems operated by the Bar Council and Bar Standards Board have been taken offline following the latest cyber attack on the legal profession in London. In an ‘Update on our current technical difficulties’ issued this morning, the heads of the representative and regulatory bodies said:

‘The General Council (GCB) has suffered a malicious cyber attack. Action was taken swiftly and required taking our IT systems offline in order to stop the attack and prevent any data loss. Our priority remains the protection of our IT systems and data from further attack. We do not believe any data has been lost.

‘We are doing all that we can to fix the problem as soon as possible. Our emails and MyBar have been temporarily unavailable, and Authorisation to Practise and Court ID cards have both been extended. We are working at pace with our cyber security partners to cleanse and restore all systems and services and extend security arrangements.

System hacked warning on computer screen

General Council of the Bar is the latest part of the profession to fall victim to hackers

Source: iStock

‘The attack has been reported to the ICO, National Cyber Security Centre and the Police. We apologise to anyone who has had difficulties in contacting our organisations during this time.’

The deadline for applications for authorisations to practice has been extended by a month until the end of May, while HMCTS has agreed to extend the validity of professional court users’ ID cards due to expire on 30 April, the announcement said.

Law firms, barristers’ chambers and legal professional bodies are emerging as prime targets for malicious attacks, frequently with the aim of extorting money. Yesterday top-100 firm Ward Hadaway obtained a High Court injunction against ‘persons unknown’ who last month made a $6m (£4.75m) blackmail demand after confidential documents were obtained in a cyber attack.

Criminal defence firm Tuckers Solicitors was last month fined £98,000 by the Information Commissioner’s Office for failing to secure sensitive court bundles that were later published on the dark web.