Police Forensic Firm Has Paid Ransom

Uploaded on 2019-07-10 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

The UK's biggest provider of forensic services has paid a ransom to criminals after its IT systems were disrupted in a cyber-attack. Eurofins Scientific was infected with a ransomware computer virus a month ago, which led British police to suspend work with the global testing company.

At the time, the firm described the attack as "highly sophisticated". The company has not said publicly how much money was involved in the ransom payment or when it was paid.

The National Crime Agency (NCA) said it was a "matter for the victim" as to whether a ransom had been paid. The agency, which is investigating the attack, said: "As there is an ongoing criminal investigation, it would be inappropriate to comment."

Eurofins previously said the attack was "well-resourced" but three weeks later said its operations were "returning to normal".
It said it would also not comment on whether a ransom had been paid or not. It added it was "collaborating with law enforcement" in the UK and elsewhere.

The ransomware attack took down the company’s systems which accounts for over half of forensic science provision in the UK, on the first weekend in June.

Ransomware is a computer virus that prevents users from accessing their system or personal files. Messages sent by the perpetrators demand a payment in order to unlock the frozen accounts. Eurofins deals with over 70,000 criminal cases in the UK each year. It carries out DNA testing, toxicology analysis, firearms testing and computer forensics for police forces across the UK. Forensic science work has been carried out by private firms and police laboratories in England and Wales since the closure of the government's Forensic Science Service in 2012.

An emergency police response to the cyber-attack was led by the National Police Chiefs' Council (NPCC) to manage the flow of forensic submissions so DNA and blood samples which needed urgent testing were sent to other suppliers.

It has led to delays in forensic science provision and is understood to have caused some court hearings to be postponed because information on the results of analysis conducted by Eurofins was not accessible.

The ransom is likely to have been paid between 10 June, when Eurofins issued a lengthy statement about the attack, and June 24 when it published an optimistic update, saying it had "identified the variant of the malware used" in the attack and had strengthened cyber-security.

It said: "We are continuing to work intensively with leading cybersecurity experts to further secure our current systems and infrastructure and to add enhanced security features and measures to protect our systems and data."

"The investigations conducted so far by our internal and external IT forensics experts have not found evidence of any unauthorised theft or transfer of confidential client data."

The NPCC refused to comment on the ransom payment but police sources said "excellent progress" had been made in dealing with the fall-out of the cyber-attack. Police and law enforcement agencies in the UK are still not submitting new samples to Eurofins for analysis but the company says it is working towards giving them the assurances they need for fresh work to restart.

BBC

You Might Also Read:

30% Of Business Leaders Would Pay Ransom:

 

 

 

« Why Is Retail Cyber Security So Weak?
Communications Satellites Are Vulnerable »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

AV Test

AV Test

The AV-TEST Institute is a leading international and independent service provider in the fields of anti-virus research and IT security.

Cloud Credential Council (CCC)

Cloud Credential Council (CCC)

The CCC is a leading provider of vendor-neutral certification programs that empower IT and business professionals in their digital transformation journey.

Ethio-CERT

Ethio-CERT

National Cyber Emergency Readiness and Response Team of Ethiopia.

Spherical Defense

Spherical Defense

Spherical Defense offers an alternative approach to WAFs and first generation API security tools.

Infosec (T)

Infosec (T)

Infosec (T) Limited is an independent Tanzania based consultancy specializing in IT governance, information security and IT audit.

NSO Group

NSO Group

NSO Group develops technology that enables government intelligence and law enforcement agencies to prevent and investigate terrorism and crime.

Sweepatic

Sweepatic

The Sweepatic reconnaissance platform discovers and analyses all internet facing assets and their exposure to risk.

InterVision

InterVision

InterVision is a leading Strategic Services Provider, assisting businesses in driving value and gaining a competitive edge by helping IT Leaders solve the most crucial challenges they face.

German Accelerator

German Accelerator

German Accelerator supports high-potential German startups in successfully entering the U.S. and Southeast Asian markets.

SecureStrux

SecureStrux

SecureStrux are a cybersecurity consulting firm providing specialized services in the areas of compliance, vulnerability assessment, computer network defense, and cybersecurity strategies.

Flix11

Flix11

Flix11 is a Cyber Security & ICT Solutions focused company. We provide a range of products and services in Cyber Security, Internet of Things (IoT) and infrastructure solutions.

Bleckwen

Bleckwen

Bleckwen is a proven fraud detection system that helps financial institutions build trust with customers.

CySecK

CySecK

CySecK is a Centre of Excellence in Cybersecurity formed in 2017 by the Government of Karnataka, as part of the Technology Innovation Strategy.

Vaultinum

Vaultinum

Vaultinum are a trusted independent third party specialized in the protection and audit of digital assets.

GoPro Consultants

GoPro Consultants

GoPro Consultants is an IT Consultancy and IT Managed services provider Globally with immeasurable expertise of IT professionals in Hardware/Support & Consultancy and Project Planning.

BluTinuity

BluTinuity

BluTinuity is a premier management consulting firm with a passion for information security, business continuity, incident response, disaster recovery, and HIPAA security.