Police Forensic Firm Has Paid Ransom

The UK's biggest provider of forensic services has paid a ransom to criminals after its IT systems were disrupted in a cyber-attack. Eurofins Scientific was infected with a ransomware computer virus a month ago, which led British police to suspend work with the global testing company.

At the time, the firm described the attack as "highly sophisticated". The company has not said publicly how much money was involved in the ransom payment or when it was paid.

The National Crime Agency (NCA) said it was a "matter for the victim" as to whether a ransom had been paid. The agency, which is investigating the attack, said: "As there is an ongoing criminal investigation, it would be inappropriate to comment."

Eurofins previously said the attack was "well-resourced" but three weeks later said its operations were "returning to normal".
It said it would also not comment on whether a ransom had been paid or not. It added it was "collaborating with law enforcement" in the UK and elsewhere.

The ransomware attack took down the company’s systems which accounts for over half of forensic science provision in the UK, on the first weekend in June.

Ransomware is a computer virus that prevents users from accessing their system or personal files. Messages sent by the perpetrators demand a payment in order to unlock the frozen accounts. Eurofins deals with over 70,000 criminal cases in the UK each year. It carries out DNA testing, toxicology analysis, firearms testing and computer forensics for police forces across the UK. Forensic science work has been carried out by private firms and police laboratories in England and Wales since the closure of the government's Forensic Science Service in 2012.

An emergency police response to the cyber-attack was led by the National Police Chiefs' Council (NPCC) to manage the flow of forensic submissions so DNA and blood samples which needed urgent testing were sent to other suppliers.

It has led to delays in forensic science provision and is understood to have caused some court hearings to be postponed because information on the results of analysis conducted by Eurofins was not accessible.

The ransom is likely to have been paid between 10 June, when Eurofins issued a lengthy statement about the attack, and June 24 when it published an optimistic update, saying it had "identified the variant of the malware used" in the attack and had strengthened cyber-security.

It said: "We are continuing to work intensively with leading cybersecurity experts to further secure our current systems and infrastructure and to add enhanced security features and measures to protect our systems and data."

"The investigations conducted so far by our internal and external IT forensics experts have not found evidence of any unauthorised theft or transfer of confidential client data."

The NPCC refused to comment on the ransom payment but police sources said "excellent progress" had been made in dealing with the fall-out of the cyber-attack. Police and law enforcement agencies in the UK are still not submitting new samples to Eurofins for analysis but the company says it is working towards giving them the assurances they need for fresh work to restart.

BBC

You Might Also Read:

30% Of Business Leaders Would Pay Ransom:

 

 

 

« Why Is Retail Cyber Security So Weak?
Communications Satellites Are Vulnerable »

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

WEBINAR: How to improve threat detection and hunting in the AWS Cloud

WEBINAR: How to improve threat detection and hunting in the AWS Cloud

Thursday, August 20, 2020 - Join SANS and AWS Marketplace to learn the exercise of applying MITRE’s ATT&CK Matrix to the AWS Cloud and how to enhance threat detection and hunting in an AWS environment

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Tenable Network Security

Tenable Network Security

Tenable Network Security - Don't rely only on CVSS to prioritize. Use machine learning to predict what is most likely to be exploited.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 4,000+ specialist service providers.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Rambus Security Division

Rambus Security Division

Rambus Security Division solutions span areas including tamper resistance, content protection, network security, mobile payment, smart ticketing, and trusted provisioning services.

Secret Double Octopus

Secret Double Octopus

Secret Double Octopus offers the world’s only keyless multi-shield authentication technology for users and things.

Secure Innovations

Secure Innovations

Secure Innovations is a cybersecurity firm dedicated to providing top-tier cyber security solutions for the Defense and the Intelligence Community.

OneSpan

OneSpan

OneSpan (formerly Vasco Data Security) is a global leader in digital identity security, transaction security and business productivity.

Asoftnet

Asoftnet

Asoftnet are specialists in IT security, IT forensics, IT service, websites, applications and mobile solutions.

Uhuru Corp

Uhuru Corp

Uhuru offers a wide variety of IoT products and solutions including enebular® IoT Orchestration Service.

Baltimore Cyber Range (BCR)

Baltimore Cyber Range (BCR)

Baltimore Cyber Range provides IT and cybersecurity training, simulation and placement services across the full spectrum of experience and skill levels.

Axonius

Axonius

Axonius is the only solution that offers a unified view of all assets and their coverage, empowering customers to take action to enforce their organization’s security policies.