Forensics firm used by police targeted in cyber-attack

Eurofins Scientific was hit by a ransomware attack over the weekend of June 1 and 2.
Eurofins Scientific was hit by a ransomware attack over the weekend of June 1 and 2.

A criminal probe has been launched into a cyber-attack on one of the main scientific firms used by police to carry out forensic work.

Eurofins Scientific, which has laboratories around the world, was targeted by a ransomware attack over the weekend of June 1 and 2, the company said in a statement.

The attack affected the IT systems of the company’s forensics subsidiary, which is based in the UK and one of the main forensic service providers to UK policing.

The National Police Chiefs’ Council (NPCC) said all submissions to the firm have been temporarily suspended, although not all police forensics work has been affected, with forces able to continue fingerprint analysis and crime scene investigation as normal.

The National Crime Agency (NCA) is leading a criminal probe into the attack.

NCA director of threat leadership Rob Jones said: “Specialist cyber-crime officers from the NCA are working with partners from the National Cyber Security Centre and the NPCC to mitigate the risks and assess the nature of this incident.

“We are securing evidence and forensically analysing infected computers, but due to the quantity of data involved and the complexity of these kinds of inquiries, this is an investigation which will take time.”

Chief Constable James Vaughan, the NPCC’s lead for forensics, said: “As a result of the ransomware attack against Eurofins Scientific, we have temporarily suspended all law enforcement submissions to their forensic science subsidiary.

“Our priority – alongside the Association of Police and Crime Commissioners – is to minimise the impact on the criminal justice system.

“We have put our national contingency plans in place, which will see urgent submissions and priority work diverted to alternative suppliers to be dealt with as quickly as possible.

“It is too early to fully quantify the impact but we are working at pace with partners to understand and mitigate the risks.”

Shadow crime and policing minister Louise Haigh said: “The police and crown prosecutors must quickly establish if evidence has been compromised and how many cases will be delayed by this cyber-attack.

“This is the latest in a long line of failures in the forensics market: there is a criminal investigation into manipulation of forensic samples ongoing at another major provider, and countless forensic providers are failing to meet the bare minimum standards.

“There are now very serious questions to be answered about whether this cornerstone of our criminal justice system is fit for purpose. The privatisation agenda has fatally undermined our previously world-leading forensics service.”