The hack of MSP provider CTS potentially impacted hundreds of UK law firms

Pierluigi Paganini November 27, 2023

The cyber attack that hit the managed service provider (MSP) CTS potentially impacted hundreds in the United Kingdom.

CTS is a trusted provider of IT services to the legal sector in the UK. The company announced that it is investigating a cyber attack that caused a service outage. The incident impacted a portion of the services.

The security incident potentially impacted hundreds of British law firms.

We are experiencing a service outage which has impacted a portion of the services we deliver to some of our clients. The outage was caused by a cyber-incident. We are working closely with a leading global cyber forensics firm to help us with an urgent investigation into the incident and to assist us in service restoration.” reads the update published by CTS.

“We continue to work around the clock with the assistance of third-party experts. Whilst we are confident that we will be able to restore services, we are unable to give a precise timeline for full restoration. We will continue to communicate directly with those of our clients which are impacted by the service outage, providing regular updates on the status of our work to restore services and our investigations into the incident.”

The company is investigating the incident with the help of a cyber forensics firm. The company plans to full restore the services, but at this time it is not able to provide a precise timeline for full restoration.

The Record Media is aware of at least one law firm that was directly impacted by the CTS security breach.

Estate Agent Today reported that threat actors allegedly exploited the CitrixBleed vulnerability (CVE-2023-4966). The flaw allowed attackers to gain initial access to the organization’s infrastructure.

In late October, Citrix urged administrators to actively secure all NetScaler ADC and Gateway appliances. The company was aware of attacks in the wild exploiting the CVE-2023-4966 vulnerability.

On October 10, Citrix published a security bulletin related to the critical vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices.

MSPs are high-value targets for threat actors that aims at carrying out supply chain attacks.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, MSP)

you might also like

leave a comment