There are now nursery rhymes about video conferencing. One, to the tune of ‘London Bridge is Falling Down’, goes:
Froggy didn’t go on mute,
Go on mute,
Go on mute.
Froggy didn’t go on mute,
And we can hear him snore.
Here’s another, to a tune similar to ‘If You’re Happy and You Know It Clap Your Hands’:
I’m talking to my friends and then I freeze.
I’m talking to my friends and then they freeze.
I’m talking to my friends,
And before the story ends,
I’m talking to my friends and then I freeze.
However, despite technological innovation being introduced to toddlers, a report from the Department for Science, Innovation and Technology, published in March 2025, reveals that the UK’s cybersecurity sector is grappling with a significant skills gap. Over the past 12 months, cybersecurity generated £13.2 billion in revenue; but 44% of UK businesses lack basic cybersecurity skills, while 27% are missing the advanced expertise required to defend against increasingly sophisticated cyber threats.
Regional disparities and a lack of investment in cybersecurity research and startups are compounding the problem, with small and medium-sized enterprises, such as barristers’ chambers, facing particular challenges of identifying those with appropriate skills at an affordable price.
The legal sector will reportedly account for 24% of the expected global cost of cybercrime this year and, in this context, it may not be surprising that the National Cyber Security Centre (NCSC) defines those working in the legal sector as ‘high-risk individuals’. But if there is a dearth of cybersecurity professionals to combat cyber attacks, what can chambers do? Thankfully, the NCSC has penned guidance for high-risk individuals – Defending Democracy.
The NCSC defines ‘high-risk individuals’ as those working in the legal industry, journalists and politicians including elected representatives, candidates, activists and staffers. The cyber risk does not come from the specific position or role but rather from the access or influence over sensitive information that may be commercially useful or of interest to nation state actors.
By definition, personal data in the possession of barristers is confidential (in fact it is privileged), and will hold relevance to the individual or company to which it relates. Those dealing with commercially sensitive information or in areas relating to intellectual property or privacy are clear and obvious targets. While information may not be immediately obvious as commercially sensitive or politically valuable, the NCSC has identified organisations associated with nation states (including Iran, Russia and China) as targeting individuals linked to UK parliamentarians. Family law proceedings relating to childcare arrangements may not immediately seem of interest to state-sponsored hackers, but if these relate to the cleaner of a government MP and reveal compromising details which could be used to blackmail or recruit the cleaner, the value of this information exponentially increases.
The methodology of cyber threat actors is vast and varied. The Medusa ransomware gang has, since 2021, infected more than 300 organisations in critical infrastructure sectors such as medical, manufacturing and technology industries using ‘initial access brokers’ to gain entry into victims’ networks, before using legitimate software to move laterally within the systems. Initial access is gained through phishing or, more commonly now, spear-phishing and social engineering – when bespoke messages deliver malware to specific individuals’ accounts and devices.
Once entry is gained, Medusa will use legitimate network tools, for example those used to provide remote access, to move laterally within the system, and will even deploy software to delete or destroy endpoint detection or virus response. Medusa will seek to undermine the network’s response to the hack by bypassing or disabling security software. Medusa’s activity increased 42% in 2024, and has continued to increase in January and February 2025.
But not all criminal activity is sophisticated. On 10 March 2025, Dark Storm Team, a hacking group formed in 2023, which has orchestrated attacks against governments and organisations known to support Israel, disrupted social media platform X using a simple Distributed Denial-of-Service (DDoS) attack. Former NCSC Chief Executive, Ciaran Murphy, told BBC Radio 4’s Today programme: ‘I am very surprised that X fell over as a result of a DDoS attack, it’s a very large-scale DDoS attack but it’s not that sophisticated; it’s a very old technique.’
When the biggest technology companies in the world are being overcome by technically simple attacks, it is vital that you protect your devices and accounts.
Personal accounts are the likely target for attackers, from which threat actors may be able to gain access to other accounts. The following NCSC advice may be well-known but will significantly reduce the chance of a successful attack:
Attackers may also try to compromise your devices – computers, phones or tablets – to achieve their aims. Once access is gained, hackers can steal sensitive or personal information, carry out monitoring or impersonate you to fool others.
Never click on a link which you consider suspicious. And raise emails of concern with appropriate people within chambers.
Chambers should have a policy for escalation if there has been a successful attack. Even if you are not familiar with the policy, do not stay silent. Raise the alarm to prevent or limit further breach, and seek appropriate legal and technical advice.
The NCSC provides additional support to high-risk individuals which includes Personal Internet Protection (PIP). PIP will check domains you visit using web browsers or applications against known lists of malicious domains. If there is a concern, a warning will appear. If your device is infected with malware, PIP will block outgoing traffic to known malicious IP addresses. Those who consider themselves a high-risk individual and would like to benefit from this support can contact individualsupport@ncsc.gov.uk.
Further guidance and resources
National Cyber Security Centre (NCSC) Defending Democracy and Social Media: how to use it safely. To find out more about NCSC support for high-risk individuals including Personal Internet Protection, email: individualsupport@ncsc.gov.uk.
Read all of Sam’s articles for Counsel on IT and cyber security here.
Browse the Bar Council IT and GDPR support for barristers and chambers.