British Police Forensics Attacked
British police have stopped working with the UK’s largest private forensics operation because of a cyber ransomware attack. The police hace suspended work with Eurofins Forensic Services which carries out DNA analysis and computer forensics work, because of an attack on its IT system on 2 June.
This is a substantial problem for the police as at least fifty percent of its forensic analysis was done by Eurofins and it helped to deal with over 70 thousand criminal attacks a year.
Ransomware attacks are a computer virus that prevents users from accessing their system or personal files and often the attacks demand ransom payment to unlock the closure.
It is the latest in a series of major forensic science problems to hit police forces since the termination of the government-owned service in England and Wales in 2012.
In a statement, the National Police Chiefs’ Council lead for forensics, Chief Constable James Vaughan, said: “We have put our national contingency plans in place, which will see urgent submissions and priority work diverted to alternative suppliers to be dealt with as quickly as possible.
“It is too early to fully quantify the impact, but we are working at pace with partners to understand and mitigate the risks. We will share more information as soon as we can.”
Every police force in the country has had a cap placed on the volume of forensic work they can carry out and a police Gold Group response has been mounted, a step only taken in the case of major incidents or emergencies, to manage the increasing backlog. Cases are expected to be delayed as a result.
Eurofins said the attack "caused disruption to many of its IT systems in several countries" in a statement on its website .
It said it believed the attack was carried out by "highly sophisticated well-resourced perpetrators" and the ransomware involved appears to have been a "new malware variant".
Eurofins also said we ‘are cooperating with law enforcement agencies and renowned IT forensics and security companies in the investigation of this matter.
‘The ransomware involved appears to have been a new malware variant which was initially non-detectable by the anti-malware screen of our leading global IT security services provider at the time of the attack and required an updated version made available only hours into the attack.
‘The facts pattern of this attack as well as information from law enforcement and independent cybersecurity experts lead us to believe that this attack has been carried out by highly sophisticated well-resourced perpetrators’.
You Might Also Read:
Police Are Mishandling Digital Forensic Evidence:
Authenticating Digital Evidence: