Police Forensic Firm Has Paid Ransom

Uploaded on 2019-07-10 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

The UK's biggest provider of forensic services has paid a ransom to criminals after its IT systems were disrupted in a cyber-attack. Eurofins Scientific was infected with a ransomware computer virus a month ago, which led British police to suspend work with the global testing company.

At the time, the firm described the attack as "highly sophisticated". The company has not said publicly how much money was involved in the ransom payment or when it was paid.

The National Crime Agency (NCA) said it was a "matter for the victim" as to whether a ransom had been paid. The agency, which is investigating the attack, said: "As there is an ongoing criminal investigation, it would be inappropriate to comment."

Eurofins previously said the attack was "well-resourced" but three weeks later said its operations were "returning to normal".
It said it would also not comment on whether a ransom had been paid or not. It added it was "collaborating with law enforcement" in the UK and elsewhere.

The ransomware attack took down the company’s systems which accounts for over half of forensic science provision in the UK, on the first weekend in June.

Ransomware is a computer virus that prevents users from accessing their system or personal files. Messages sent by the perpetrators demand a payment in order to unlock the frozen accounts. Eurofins deals with over 70,000 criminal cases in the UK each year. It carries out DNA testing, toxicology analysis, firearms testing and computer forensics for police forces across the UK. Forensic science work has been carried out by private firms and police laboratories in England and Wales since the closure of the government's Forensic Science Service in 2012.

An emergency police response to the cyber-attack was led by the National Police Chiefs' Council (NPCC) to manage the flow of forensic submissions so DNA and blood samples which needed urgent testing were sent to other suppliers.

It has led to delays in forensic science provision and is understood to have caused some court hearings to be postponed because information on the results of analysis conducted by Eurofins was not accessible.

The ransom is likely to have been paid between 10 June, when Eurofins issued a lengthy statement about the attack, and June 24 when it published an optimistic update, saying it had "identified the variant of the malware used" in the attack and had strengthened cyber-security.

It said: "We are continuing to work intensively with leading cybersecurity experts to further secure our current systems and infrastructure and to add enhanced security features and measures to protect our systems and data."

"The investigations conducted so far by our internal and external IT forensics experts have not found evidence of any unauthorised theft or transfer of confidential client data."

The NPCC refused to comment on the ransom payment but police sources said "excellent progress" had been made in dealing with the fall-out of the cyber-attack. Police and law enforcement agencies in the UK are still not submitting new samples to Eurofins for analysis but the company says it is working towards giving them the assurances they need for fresh work to restart.

BBC

You Might Also Read:

30% Of Business Leaders Would Pay Ransom:

 

 

 

« Why Is Retail Cyber Security So Weak?
Communications Satellites Are Vulnerable »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ITpreneurs

ITpreneurs

ITpreneurs provides IT training content, Instructors, Learning Infrastructure and services to IT Training providers.

Wizard Computing

Wizard Computing

Wizard Computer Services is a full service IT solutions provider that offers managed services, consultation, installation, and support to small and large businesses in New England.

RioRey

RioRey

The DDoS mitigation specialist, from single server to Enterprise wide carrier level networks the RioRey Solution provides effective immediate and easy to manage protection.

XBOSoft

XBOSoft

XBOSoft is a software QA and testing company. We cover the entire QA and testing life cycle including software and application security.

CyberWarrior

CyberWarrior

CyberWarrior deliver training and consulting for some of the world’s top brands and also partner with national systems integrators to augment their teams with our expertise.

Phew

Phew

Phew are New Zealand cyber security specialists with expertise and experience forged in global financial markets, IT&T, management consulting and SME business management.

Bangladesh Association of Software & Information Services (BASIS)

Bangladesh Association of Software & Information Services (BASIS)

BASIS is the national trade body for Software & IT Enabled Service industry of Bangladesh.

MedCrypt

MedCrypt

MedCrypt are a team of medical device experts focused on bringing modern cybersecurity features to the next generation of healthcare technology.

Gita Technologies

Gita Technologies

Gita Technologies works to create integrated solutions to the thorniest problems in the field of intelligence and cyber today.

PatrOwl

PatrOwl

Automate your SecOps with PatrOwl, and start defending your assets efficiently.

iSolutions

iSolutions

iSolutions is an official reseller and engineering company of leading products and solutions for cybersecurity and information protection, optimization, visualization and control of applications

Sixteenth Air Force (Air Forces Cyber)

Sixteenth Air Force (Air Forces Cyber)

Air Forces Cyber provides mission integration of Information Warfare at operational and tactical levels, creating dilemmas for adversaries in competition and, if necessary, future conflicts.

Dataprise

Dataprise

Dataprise is a leading IT managed services provider offering IT Management and Help Desk Support Services, Cloud Services, Information Security Solution, IT Strategy and Consulting.

LogicGate

LogicGate

The LogicGate Risk Cloud™ is an agile GRC cloud solution that combines powerful functionality with intuitive design to enhance enterprise GRC programs.

Kriptos

Kriptos

Kriptos helps businesses improve their cybersecurity, risk, and compliance strategies by locating critical information through a technology that automatically classifies and labels documents using AI.

Calamu

Calamu

Calamu is a software-defined storage security and resiliency platform that keeps your data secure and accessible wherever you choose to store it.