Eurofins Scientific, who’s much-needed services are used by police forces all across the UK have said their staff have taken “immediate steps to mitigate the impact” of the ransomware that has been detected on their systems.
In ransomware attacks, hackers inject a virus into computer systems preventing users from accessing their files until payment has been made. Most companies are loathe to pay these demands and prefer to restore their systems from a back up however this clearly wasn’t possible in this case.
On Friday, sources suggested that the “immediate steps” had included Eurofins paying the ransom, confirming an earlier BBC News report.
We still don’t know exactly how much money was paid and when. It is however likely to have taken place sometime between June 10 and June 24.
This form of attack is becomingly increasingly common and no business seems to be safe from these frankly simple cyber attacks. Major UK systems have been brought down by ransomware attacks, other high profile cases include the NHS in 2017, in this case 19,o00 medical appointments had to be cancelled.
Police have already suspended all submissions to Eurofins in an attempt to limit the fallout from the cyber-attack.
Police have had to take the drastic steps to suspend all submissions to Eurofins hoping to mitigate the severity and fallout from this cyber attack.
Eurofins is responsible for carrying out a wide range of testing, such as firearms testing, toxicology analysis, computer forensics and assists in more than 70,000 criminal cases each year. This figure worryingly accounts for around half of all the UK’s market for forensic science and testing.
The backlash has been severe, there have been a number of high profile court hearings being delayed simply so sample submissions can be handled by other suppliers. Any evidence left on the Eurofins company systems will not being released until a thorough investigation has taken place and the police are sure of its safety. The crown Prosecution Service is saying they will “seek to adjourn cases for the shortest possible period”.
James Vaughan, who heads up forensics for The National Police Chiefs Council, had said the police’s priority was to “minimise the impact on the criminal justice system”.
“We have put our national contingency plans in place, which will see urgent submissions and priority work diverted to alternative suppliers to be dealt with as quickly as possible,” he said.
Eurofins has become the main supplier to the UK police forces since the Government’s Forensic Science Service closing in 2012, this was when the forensic operations were transferred to the private sector. The company has seven laboratories around the UK including Oxford and Leeds.
The National Crime Agency is now heading up the investigation. The NPCC and National Cyber Security Centre are also cooperating to assist in the investigation.
The NCA declined to comment on whether Eurofins had paid the ransom on Friday, saying it was a “matter for the victim” to speak about.
Rob Jones the director of threat leadership at the NCA has said it is “securing evidence and forensically analysing infected computers”.
“Due to the quantity of data involved and the complexity, this is an investigation which will take time, therefore we cannot comment further,” he said.
Eurofins did not respond to requests for comment.
If you would like to know more about how to protect your business or would like to arrange an IT Review on the health of your systems, then please get in touch.