Police Federation hit by ransomware attack

The Police Federation of England and Wales (PFEW) has confirmed that it has suffered a cyberattack.

The union-like organisation, which represents over 119,000 officers across the 43 forces in England and Wales, described the incident as a ransomware attack in a Twitter statement.

PFEW said its internal computers at its Surrey headquarters had been attacked on the 9th of March, but details of the breach were only revealed on Thursday (March.22nd).

It reported that a number of its databases and email systems have been encrypted by the cybercriminals. Attackers also deleted backup data.

Police Federation

“There is no evidence at this stage that any data was extracted from the organisation’s systems, although this cannot be discounted and PFEW are taking precautions to notify individuals who may potentially be affected,” said the association.

None of the 43 branches across the UK were affected by the breach, the statement read.

The National Crime Agency is investigating the attack, which the Police Federation said was “not targeted specifically” at the police organisation and was more likely to be part of a wider campaign.

The association reported the attack to the UK’s data protection regulator on the 11th of March, within the required three days under European law.

Expert response

Security experts have offered their views on the attack.

“In the wake of this week’s Norsk Hydro attack, we are seeing a slight resurgence of ransomware. The danger is that these attacks don’t have to be technically sophisticated to be devastating. They often abuse systematic weaknesses such as software vulnerabilities, outdated patches, and weak administrative credentials,” Max Heinemeyer, director of threat hunting, Darktrace, told Computer Business Review.

“We have even seen some late strains of ransomware with a surprisingly low detection rate by commercial antivirus software,” he added.

Israel Barak, CISO at Cybereason, added: “Today, ransomware infections are having a fraction of the impact they were two-to-three years ago.

“Most companies have contingencies and tools now that help with the threat. Because of these factors, a growing number of people feel like ransomware is now an understood and contained risk. However, that’s, for the most part, a false sense of security because most of the lack of recent ransomware outbreaks is due to the attackers using it differently, more surgically, if you will.

“Law enforcement agencies such as the UK’s Police Federation should maintain regular and constant backups of important files and consistently verify that the backups can be restored. Organisations should also educate their employees on refraining from downloading pirated software or paid software offered for ‘free’, as humans are the single biggest asset cybercriminals have in extorting money from businesses.”

Related Posts