A cyberattack on a British managed service provider (MSP) for law firms and other organizations in the UK legal sector, has triggered a widespread outage affecting numerous law firms and disrupting property transactions across the country.
In a brief update on its website, CTS said it suffered a cyber-incident and is investigating the attack with the assistance of third-party security experts.
While the company has not disclosed the exact number of impacted customers or the specifics of the attack, media reports suggest a ransomware incident.
Local media reports indicate that between 80 and 200 law firms may have fallen victim to the attack, based on estimates provided by CTS clients.
Since the onset of the cyberattack, individuals attempting to buy or sell properties have faced significant challenges due to the outages.
It is believed that threat actors targeted the firm through CitrixBleed(CVE-2023-4966), a remote code execution vulnerability in Citrix NetScaler ADC and NetScaler Gateway products. The flaw has been widely exploited by LockBit, a Russian-speaking hacking gang, to gain access to corporate networks.
Last week, the US and Australian security agencies released a joint advisory highlighting IoCs (Indicators of Compromise), TTPs (tactics, techniques, and procedures), and detection methods associated with LockBit ransomware and multiple threat groups exploiting CitrixBleed.
