Forensics firm used by police targeted in cyber-attack

A criminal probe has been launched into a cyber-attack on one of the main scientific firms used by police to carry out forensic work.

Eurofins Scientific, which has laboratories around the world, was targeted by a ransomware attack over the weekend of June 1 and 2, the company said in a statement.

The attack affected the IT systems of the company’s forensics subsidiary, which is based in the UK and one of the main forensic service providers to UK policing.

The National Police Chiefs’ Council (NPCC) said all submissions to the firm have been temporarily suspended, although not all police forensics work has been affected, with forces able to continue fingerprint analysis and crime scene investigation as normal.

The National Crime Agency (NCA) is leading a criminal probe into the attack.

NCA director of threat leadership Rob Jones said: “Specialist cyber-crime officers from the NCA are working with partners from the National Cyber Security Centre and the NPCC to mitigate the risks and assess the nature of this incident.

“We are securing evidence and forensically analysing infected computers, but due to the quantity of data involved and the complexity of these kinds of inquiries, this is an investigation which will take time.”

Chief Constable James Vaughan, the NPCC’s lead for forensics, said: “As a result of the ransomware attack against Eurofins Scientific, we have temporarily suspended all law enforcement submissions to their forensic science subsidiary.

“Our priority – alongside the Association of Police and Crime Commissioners – is to minimise the impact on the criminal justice system.

“We have put our national contingency plans in place, which will see urgent submissions and priority work diverted to alternative suppliers to be dealt with as quickly as possible.

“It is too early to fully quantify the impact but we are working at pace with partners to understand and mitigate the risks.”