Monday, May 26, 2025
Vulnerable critical systems
This is a particular problem with those systems designed to enable the delivery of public services as not only are they critical, but they are also large scale and therefore expensive, while the organisations who run them tend not to have a lot of cash to spare.
This could explain why the Legal Aid Agency is under fire after a major cyber attack saw potentially millions of pieces of personal data stolen, including criminal records.
The Independent reports that the Agency's IT system is antiquated and therefore vulnerable to this sort of attack. The repercussions are serious:
A “significant amount of personal data” of people who applied to the agency since 2010 was accessed and downloaded in a cyber attack in April this year, the Ministry of Justice (MoJ) has said.
Those eligible to apply for legal aid include domestic violence and modern slavery victims, people involved in cases in the family court, as well as those accused of criminal offences.
Lawyers are also concerned wealthy individuals who used a duty solicitor when questioned by police but were not later charged could end up at risk of being blackmailed.
The group that carried out the attack has claimed it accessed 2.1 million pieces of data but the MoJ has not verified that figure.
Richard Atkinson, president of the Law Society of England and Wales, a professional body that represents solicitors, said: “It is extremely concerning that members of the public have had their personal data compromised in this cyber security incident and the LAA must get a grip on the situation immediately.
“The incident once again demonstrates the need for sustained investment to bring the LAA’s antiquated IT system up to date and ensure the public have continued trust in the justice system.
“The fragility of the IT system has prevented vital reforms, including updates to the means test that could help millions more access legal aid, and interim payments for firms whose cash flow is being decimated by the backlogs in the courts, through no fault of their own.
“If it is now also proving vulnerable to cyber attack, further delay is untenable.
“Legal aid firms are small businesses providing an important public service and are operating on the margins of financial viability. Given that vulnerability, these financial security concerns are the last thing they need.”
Other recent cyber attacks have targeted Marks and Spencer, the Co-op and Harrods but you expect public services to have a higher level of security, if only they had the money to invest.
This could explain why the Legal Aid Agency is under fire after a major cyber attack saw potentially millions of pieces of personal data stolen, including criminal records.
The Independent reports that the Agency's IT system is antiquated and therefore vulnerable to this sort of attack. The repercussions are serious:
A “significant amount of personal data” of people who applied to the agency since 2010 was accessed and downloaded in a cyber attack in April this year, the Ministry of Justice (MoJ) has said.
Those eligible to apply for legal aid include domestic violence and modern slavery victims, people involved in cases in the family court, as well as those accused of criminal offences.
Lawyers are also concerned wealthy individuals who used a duty solicitor when questioned by police but were not later charged could end up at risk of being blackmailed.
The group that carried out the attack has claimed it accessed 2.1 million pieces of data but the MoJ has not verified that figure.
Richard Atkinson, president of the Law Society of England and Wales, a professional body that represents solicitors, said: “It is extremely concerning that members of the public have had their personal data compromised in this cyber security incident and the LAA must get a grip on the situation immediately.
“The incident once again demonstrates the need for sustained investment to bring the LAA’s antiquated IT system up to date and ensure the public have continued trust in the justice system.
“The fragility of the IT system has prevented vital reforms, including updates to the means test that could help millions more access legal aid, and interim payments for firms whose cash flow is being decimated by the backlogs in the courts, through no fault of their own.
“If it is now also proving vulnerable to cyber attack, further delay is untenable.
“Legal aid firms are small businesses providing an important public service and are operating on the margins of financial viability. Given that vulnerability, these financial security concerns are the last thing they need.”
Other recent cyber attacks have targeted Marks and Spencer, the Co-op and Harrods but you expect public services to have a higher level of security, if only they had the money to invest.
