UK police have suspended all work related to the country's biggest private forensic company after a ransomware attack hit the firm, which conducts DNA analysis, toxicology, ballistics and computer forensics work across UK.
A few days ago, a security researcher with NewSky Security stated that web-based DNA sequencer applications are currently under attack from a mysterious hacking group who are using a still-unpatched zero-day to take control over targeted devices.
In this recent case, the ransomware attack on the firm called Eurofins Forensic Services was detected on June 1 and 2. Later, the police have admittedly halted all the work with the company that led to delays in forensic testing, which could impact on court cases. This attack is currently under investigation.
As reported by The Guardian, the National Police Chiefs' Council lead for forensics James Vaughan, who is also the Chief Constable, stated that the authority has put the national contingency plans in place, which will now see urgent submissions and priority work diverted to the alternative suppliers to deal with such cases as soon as possible.
He also mentioned that "it is too early to fully quantify the impact, but we are working at pace with partners to understand and mitigate the risks. We will share more information as soon as we can."
An NPCC police spokesman also revealed that all the work with the affected forensic firm was suspended on June 3 soon after the detection of a breach on its system. Eurofins, which caters for over 50% of the UK market and deals with over 70,000 criminal cases in the country each year, was asked to return all the incoming casework.
The government agency, Crown Prosecution Service (CPS) said that even though the investigation is still going on, at this stage no evidence was found to suggest that "previous convictions were unsafe".
As per a spokesperson, "The CPS is assessing current cases to identify any impact on criminal trials as a result of this attack and will ensure all necessary action is taken to allow them to proceed fairly."
It should be noted that the Eurofins issued a statement on its website where the firm clearly said that that attack has caused "disruption to many of its IT systems in several countries."
They also stated that this attack was conducted by highly sophisticated well-resourced hackers and the ransomware involved appears to have been a new malware alternative.
The National Crime Agency's spokesperson said that the authority is working closely with law enforcement and justice departments to investigate the incident and to minimise the impact on the criminal justice system.
This month two ransomware attacks have already paralysed Harrison County Courthouse and Florida city council. But the shocking part is both the government agencies have agreed to pay the amount asked by the hackers. This action clearly suggests how powerful these attacks have become and how poor cybersecurity these government agencies have.