Police suspend work with forensic partner after cyber attack
A cyber-attack on Eurofins Forensic Services, the UK’s biggest forensics company, has led to the police suspending all partnership with the organisation.
This came after a ransomware attack on the organisation on 2nd June, left their security compromised, leaving the police in a position where they are unable to safely work with the company.
Ransomware attacks on Eurofins
Ransomware attacks occur when an IT system is infiltrated and information becomes exposed, data is encrypted, or the attacker can use the victim’s details against them unless a ransom is paid.
It is thought this particular security breach was made by skilled actors who had access to a high amount of resources to create a “new malware variant”.
Commenting on the ransomware infiltration, Eurofins said: “Information from law enforcement and independent cybersecurity experts lead us to believe that this attack has been carried out by highly sophisticated, well-resourced perpetrators.”
On their website, Eurofins also stated the attack has had an impact throughout many other countries.
The impact on police investigations
On 3rd June, the National Police Chief Council reported that Eurofins, the parent company of Eurofins Forensic Services, were under instructions to return all investigations they had not yet started, most likely causing a delay in many case investigations, with potentially over half of all outsourced cases experiencing some disruption.
Eurofins forensic services deals with toxicology, DNA analysis, ballistics and computer forensics and assist with investigations involving anything from murder to terrorism.
The outsourcing is currently being managed by an emergency team who are dealing with all requests on a national level. They are ensuring that cases are being prioritised and that officers are not being given too much work to handle.
When will the problem be fixed?
Eurofins process over 70,000 tasks each year and with an unsure date as to when the problem will be fixed, it’s thought there could be serious delays to the solving of some of the biggest crimes in the UK.
The NPCC also said that they were unsure how much data had been affected and if the perpetrators of the malware attack had any information taken from Eurofins.
However, the forensic company have claimed that they have managed to contain the virus as much as possible and that they have not yet found any evidence that data has been taken.
In a statement, Chief Constable James Vaughan, the National Police Chiefs’ Council (NPCC) lead for forensics, stated: “We have put our national contingency plans in place, which will see urgent submissions and priority work diverted to alternative suppliers to be dealt with as quickly as possible.
“It is too early to fully quantify the impact, but we are working at pace with partners to understand and mitigate the risks. We will share more information as soon as we can.”
The director of threat leadership at the National Crime Agency, Rob Jones, said, “Specialist cybercrime officers from the NCA are working with partners from the National Cyber Security Centre and the National Police Chiefs’ Council to mitigate the risks and assess the nature of this incident.
“We are securing evidence and forensically analysing infected computers, but due to the quantity of data involved and the complexity of these kinds of inquiries, this is an investigation which will take time; therefore we cannot comment further.”
The attack is under criminal investigation.