NPCC leads emergency response into forensics cyberattack

Eurofins Scientific, which has laboratories around the world, was targeted by a ransomware attack over the weekend of June 1 and 2, the company said in a statement.

The attack affected the IT systems of the company’s forensics subsidiary, which is based in the UK.

Eurofins caters for more than 50 per cent of the UK market, dealing with more than 700,000 criminal cases each year.

In a statement on its website Eurofins said it believed the attack was carried out by “highly sophisticated well-resourced perpetrators” and the ransomware involved appears to have been a “new malware variant”.

An emergency police response has been put in place, led by the National Police Chiefs’ Council (NPCC), which took the decision to “temporarily suspend” all submissions to Eurofins.

Not all police forensics work has been affected, with forces able to continue fingerprint analysis and crime scene investigation as normal. However, there are fears that an increasing backlog of cases could ultimately lead to delays with current cases.

The National Crime Agency (NCA) is leading the investigation into the attack. NCA Director of Threat Leadership Rob Jones said: “Specialist cybercrime officers from the NCA are working with partners from the National Cyber Security Centre and the NPCC to mitigate the risks and assess the nature of this incident.

“We are securing evidence and forensically analysing infected computers, but due to the quantity of data involved and the complexity of these kinds of inquiries, this is an investigation which will take time.”

Chief Constable James Vaughan, the NPCC’s lead for forensics, said: “As a result of the ransomware attack against Eurofins Scientific, we have temporarily suspended all law enforcement submissions to their forensic science subsidiary.

“Our priority – alongside the Association of Police and Crime Commissioners – is to minimise the impact on the criminal justice system.

“We have put our national contingency plans in place, which will see urgent submissions and priority work diverted to alternative suppliers to be dealt with as quickly as possible.

“It is too early to fully quantify the impact but we are working at pace with partners to understand and mitigate the risks.”

The Crown Prosecution Service said at this stage there was “no evidence to suggest that previous convictions were unsafe”.

A spokesperson added: “The CPS is assessing current cases to identify any impact on criminal trials as a result of this attack, and will ensure all necessary action is taken to allow them to proceed fairly.”

The cyber-attack is the latest in a series of major forensic science problems to hit police forces since the closure of the government-owned service in England and Wales in 2012.

Last year 40 drug-driving offences were quashed and thousands of cases were reviewed after data was allegedly manipulated at Randox Testing Services.

Another company – Key Forensic Services – collapsed in January 2018, while the Metropolitan Police Service has also had to carry out a review after a forensic scientist apparently botched examinations.

Shadow Crime and Policing Minister Louise Haigh said: “The police and crown prosecutors must quickly establish if evidence has been compromised and how many cases will be delayed by this cyber-attack.

“This is the latest in a long line of failures in the forensics market: there is a criminal investigation into manipulation of forensic samples ongoing at another major provider, and countless forensic providers are failing to meet the bare minimum standards.

“There are now very serious questions to be answered about whether this cornerstone of our criminal justice system is fit for purpose. The privatisation agenda has fatally undermined our previously world-leading forensics service.”