As the summer melts away, and the red glow of the setting sun fuses into the reddening leaves of autumn, thoughts turn to preparation. Like farmers gathering the harvest to prepare for winter, at the Bar, holiday homes, villas and chateaus, apartments and cottages, beaches and festivals are left behind. And the matters of the Michaelmas term brought to the forefront of the mind to be readied.

But progress never stops. And the law never sleeps. And while the blissful break of the long hot summer was a welcome relief from wet weather days and spring showers, litigation has continued. What documents have been exchanged? What applications filed and served? While cocktails and mocktails of all kinds were consumed, what advancement in case management has been missed.

Thankfully, because Chambers has the most up-to-date case management systems, nothing.

And if your chambers does not have the most up-to-date case management system, and your clerks are currently chasing the poor paralegal who was the only person unable to have a holiday, then this article will prepare you for next year, as we consider the seven best case management systems on the market:

  1. Barrister CMS is a cloud-based case management software system designed to help barristers run their practice more efficiently and maximise revenue. Its features include document/email management, task and schedule tracking, contact management and simplified billing.
  2. Casedo brings all documents relating to a single matter into a workspace to organise, mark-up and share as if they were a single document and allows barristers to add documents and reorganise at will.
  3. Clerksroom’s system aims to cover chambers’ data and process management through to paying barristers and producing their financial accounts, mapping the entire financial audit trail from start to finish. It is also complimented by their robot junior clerk ‘Billy Bot’ that logs case work onto the case management system, deals with incoming post and handles electronic filing of paperwork, emails and instructions.
  4. HyperLaw Barrister is cloud-based legal software that enables barristers to upload case content, review an entire case and share a digital case file containing their legal argument with courts, clients, and peers.
  5. Meridian Legal System offers a practice management software solution including legal accounts, time recording and billing, case management, and document management. If barristers have their own precedent documents, Meridian will integrate them into the software so they are ready to use from day one. It also offers an integration process for data migration and integration of existing data.
  6. MLC Chambers Management Software offers a range of features to help streamline processes and improve performance for chambers. Some of these include secure mobile working, a centralised database, advanced reporting capability, intelligent time recording, smart diaries, and automated financial workflows. It also offers information capture, easy creation of case records, management of case workflows with automated processes, a cloud document repository, a collaboration platform, customised dashboards and client-focused product development.
  7. MyHMCTS is an online case management tool for barristers and other legal professionals managed by HM Courts and Tribunals Service. It allows barristers to submit, pay for and manage online case applications for civil damages claims, divorce, family public law order, financial remedy, immigration and asylum appeals, and probate.

Please note that these are listed alphabetically and not ranked in order. Different case management software might be better or best depending upon on an individual’s practice and existing infrastructure. What is consistent, though, is that case management software properly applied can reduce the practical burden on barristers.

A warning and yet more advice

On 31 May 2023, Progress Software, a US-based software developer, reported to regulators that hackers had found a way to infiltrate its MOVEit transfer tool. MOVEit software is utilised to transfer sensitive data securely, and crucially was used by UK payroll company Zellis, who provide payroll services to, inter alia, the BBC, British Airways, Air Lingus and Boots. An update patch was immediately released by Progress Software. However, on 5 June 2023, the BBC reported that consumer and staff data at these four companies had been compromised as a result of the MOVEit hack. Brett Callow, an analyst at cybersecurity firm Emisisoft described this supply chain cyber-attack as: ‘Potentially one of the most significant breaches of recent years.’

And the warnings have been there:* Counsel may have been a little early with regard to threats in 2022, but recent articles have focused on the prevention of supply chain attacks. (See ‘Avoid supply chain cyber attack’, Counsel, December 2022 and ‘Your guide to the information security questionnaire’, Counsel, August 2022.)

If you are subject to a supply chain attack DON’T PANIC. Prevention is better than cure and the advice provided in previous articles remains good. However, if your chambers has failed to complete the Questionnaire, or arrange for staff training, and is now subject to a breach, the following three points may help:

1. Don’t pay

Unusually in the case of the MOVEit hack, CLOP, the Russian speaking group allegedly responsible for the hack, asked those subject to the breach to contact them rather than sending out ransom demands. Charles Carmakal, Chief Technology Officer at Mandiant Consulting, suggested on CNN that this was because the speed and range of the breach was so great that CLOP was ‘overwhelmed’ and could not keep up to contact individual companies.

Whether or not you pay a ransom following a supply chain attack is ultimately a commercial decision. However, paying ransoms will encourage attacks. Further, the CLOP threat was for contact and payment before 14 June 2023 otherwise data would be published on the dark web. While publication is reputationally embarrassing, and may undermine individual’s security, visibility of information published on the dark web is, appropriately for nomenclature, poor. The extent to which data will actually be seen is limited.

2. Be suspicious

While visibility of data published on the dark web is poor, utility is far more dazzling. Pieces of data on the dark web, coupled with phishing techniques and social engineering can be used in secondary attacks, and can be used for years to come.

Many people at the Bar will have flown BA or shopped at Boots, and the information gleaned from these companies can be used to generate emails, messages and notifications which look very real. Be wary! If you are being asked for information pause and consider whether the request is genuine. If there is any doubt seek verification from the individual or company requesting the information, ideally using a different device and/or medium from the one that you received contact.

3. Don’t log on

Never provide your log-in details to another regardless of the apparent authority or authenticity of the request. Your log-in details are your details! Like the keys to your house or car, do not give these to someone unless you trust them implicitly not to ransack your house or crash your car.

Avoid clicking links on messages. Official messages relating to ‘resetting passwords’ or ‘scanning devices’ utilise the fear generated from a cyber-attack to gain information in a secondary attack.

The repercussions from the MOVEit hack will be felt for many years to come. The information is out there and hackers will seek to utilise the data. Thankfully, most systems now need multi-factorial authentication. But the data which has been captured and released as a result of the MOVEit hack will overcome some of these hurdles, and bring hackers closer to their goal. Efforts should be made to make it as difficult for them as possible. 

See all of Sam’s articles on cyber safety here.