British Police Forensics Attacked

Uploaded on 2019-06-27 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

British police have stopped working with the UK’s largest private forensics operation because of a cyber ransomware attack. The police hace suspended work with Eurofins Forensic Services which carries out DNA analysis and computer forensics work, because of an attack on its IT system on 2 June. 

This is a substantial problem for the police as at least fifty percent of its forensic analysis was done by Eurofins and it helped to deal with over 70 thousand criminal attacks a year.  

Ransomware attacks are a computer virus that prevents users from accessing their system or personal files and often the attacks demand ransom payment to unlock the closure.

It is the latest in a series of major forensic science problems to hit police forces since the termination of the government-owned service in England and Wales in 2012.

In a statement, the National Police Chiefs’ Council lead for forensics, Chief Constable James Vaughan, said: “We have put our national contingency plans in place, which will see urgent submissions and priority work diverted to alternative suppliers to be dealt with as quickly as possible.

“It is too early to fully quantify the impact, but we are working at pace with partners to understand and mitigate the risks. We will share more information as soon as we can.”

Every police force in the country has had a cap placed on the volume of forensic work they can carry out and a police Gold Group response has been mounted, a step only taken in the case of major incidents or emergencies, to manage the increasing backlog. Cases are expected to be delayed as a result.

Eurofins said the attack "caused disruption to many of its IT systems in several countries" in a statement on its website .
It said it believed the attack was carried out by "highly sophisticated well-resourced perpetrators" and the ransomware involved appears to have been a "new malware variant".

Eurofins also said we ‘are cooperating with law enforcement agencies and renowned IT forensics and security companies in the investigation of this matter. 

‘The ransomware involved appears to have been a new malware variant which was initially non-detectable by the anti-malware screen of our leading global IT security services provider at the time of the attack and required an updated version made available only hours into the attack. 

‘The facts pattern of this attack as well as information from law enforcement and independent cybersecurity experts lead us to believe that this attack has been carried out by highly sophisticated well-resourced perpetrators’.

BBC:             Guardian:           EuroFins

You Might Also Read:

Police Are Mishandling Digital Forensic Evidence:

Authenticating Digital Evidence:

 

« A Cyber Toolkit For Small Business
US Cyber Attack On Iran »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CEPS

CEPS

CEPS is a leading think tank and forum for debate on EU affairs, ranking among the top think tanks in Europe. Topic areas include Innovation, Digital economy and Cyber-security.

iboss Network Security

iboss Network Security

The iboss cloud is designed to deliver Network Security as a Service, in the cloud, using the best malware engines, threat feeds and log analytics engines.

Scanmeter

Scanmeter

Scanmeter helps identifying vulnerabilities in software and systems before they can be exploited by an attacker.

Stage2Data

Stage2Data

Stage2Data is one of Canada’s most trusted cloud solution providers offering hosted Backup and Disaster Recovery Services.

Newtech Recycyling

Newtech Recycyling

Newtech Recycyling specializes in the removal and disposal of IT infrastructure which has reached the end of its life cycle.

SmartContractAudits.com

SmartContractAudits.com

SmartContractAudits.com is the leading platform for finding companies providing smart contract auditing services.

Cyber Pathways

Cyber Pathways

Cyber Pathways brings together the next generation of Cyber professionals along with delegates who are looking to cross train and enter the cyber market.

Research Institute in Verified Trustworthy Software Systems (VeTSS)

Research Institute in Verified Trustworthy Software Systems (VeTSS)

The main purpose of VeTSS is to support program analysis, testing and verification, to achieve guarantees of software correctness, safety, and security.

Institute for Security and Technology (IST)

Institute for Security and Technology (IST)

The Institute for Security and Technology's goal is to provide the tools and insights needed for companies and governments to outpace emerging global security threats.

Cyber Defense Networking Solutions (CDNS)

Cyber Defense Networking Solutions (CDNS)

CDNS is a global network infrastructure provider whose platforms are engineered for security, optimized for speed and designed for resiliency.

DataSixth Security Consulting

DataSixth Security Consulting

DataSixth delivers Cybersecurity Intelligence. With our unique capabilities, we’re able to deliver value, deliver answers, and deliver actionable security intelligence.

Mr Backup (MRB)

Mr Backup (MRB)

MRB offers Data Protection as a Service for businesses looking to reduce the time, cost and complexity of securing your company data.

Codean

Codean

The Codean Review Environment automates mundane software analysis tasks, so security experts can focus on finding vulnerabilities.

Cranium

Cranium

Cranium are an international consultancy organisation specialised in privacy, security and data management.

Staley Technologies

Staley Technologies

Staley Technologies is a US nationwide structured cabling, technology integrator, and Managed IT & Cyber Security provider.

Sensity

Sensity

Sensity is a company that offers an AI-driven solution to detect and verify deepfakes and other forms of identity fraud.