Recovery continues, almost five months on from a breach in which a ‘significant amount’ of citizens’ personal data, including contact details, criminal histories and financial data, was accessed by attackers
Following a destructive cyberattack earlier this year, the Legal Aid Agency expects to begin restoring its digital platforms and services within the next week or so, a minister has indicated.
Online tools and tech systems “will begin to be restored from early September onwards and [there] will be a phased return” from this point, according to Sarah Sackman, the Ministry of Justice minister with responsibility for the administration of the legal aid regime.
Sackman, who was answering a written parliamentary question from Liberal Democrat MP Sarah Olney, added that the first service to be restored – “in mid-September” – will be the online means for applying for criminal legal aid support and submitting the relevant forms.
Then, “from mid- to late-September”, applications for aid in relation to civil cases is expected to come back online, as is the supporting cost-management system.
Following this, “services relating to functionality previously provided by the controlled work administration system are expected to return from October”.
The minister – echoing comments made in a recent PublicTechnology interview with MoJ chief digital and information officer Mark Thompson – said that the recovery process has also provided an opportunity for upgrade and improvement of the Legal Aid Agency’s (LAA) tech infrastructure.
“The LAA has written to representative bodies and providers to update them that the old portal will be replaced by a new, secure single sign-in tool for LAA online services,” Sackman said. “This represents a recovery and transformation model which has been subject to testing by a small pilot group throughout August. This is subject to testing, security and legal criteria being met.”
She added: “The LAA continues to engage with representative bodies to help shape the steps to service restoration in a way which supports legal aid providers most effectively. Regular updates are being provided to providers.”
Related content
- Four things we learned at the PublicTechnology Cyber Security Conference
- Cyber Security Week: Analysis – how and where are attackers getting in?
- NCSC head warns of fundamental ‘contest for cyberspace’ as annual report shows 44% hike in most serious incidents
In answer to another written parliamentary question, from fellow Labour MP Chris Bloore, Sackman reiterated previous claims, that “the recent data breach is the result of serious criminal activity, but it was enabled by the fragility of the LAA’s IT systems as a result of long-term underinvestment under the last Conservative government”.
“By contrast, since taking power this government has prioritised work to reverse the damage of over a decade of underinvestment,” she said. “That includes the allocation of over £20m in extra funding this year to stabilise and transform the Legal Aid Agency digital services. This investment will make the system more robust and resilient in the face of similar cyberattacks in future.”
The minister added that, following the discovery of the attack in April, the LAA had met its obligations for reporting the incident to the Information Commissioner’s Office. Asked by Bloore whether security or credit support services would be offered to those affected by the incident – which could include anyone that has used the agency’s online services from 2007 up to May of this year – Sackman claimed that this is yet to be determined.
The minister added: “The Legal Aid Agency is complying with all legal and regulatory requirements arising from the cyberattack. The current priority is the restoration of services and the prevention of future attacks. Once we can be assured that our legal aid services are operating properly and handling people’s data in a safe way, there will need to be a stocktake and an effort to learn lessons. It is too early to comment on what remedial actions, if any, may be appropriate for impacted individuals, whether clients or providers.”
