Police chiefs are warning of delays to investigations and court cases after it emerged that a ransomware attack on a forensic services firm led to a backlog of 20,000 cases.
Eurofins Scientific, the largest provider of its kind in the UK, suffered the “sophisticated” attack back in June.
The global tester, which handles around half of the UK’s forensic work, is said to have decided to pay the ransom in a bid to regain access to crucial data.
The National Police Chiefs' Council (NPCC) is now reported to be working on clearing the large backlog of cases, which it says will have an impact on ongoing investigations and legal proceedings as they involve vital DNA and blood evidence from crime scenes.
The backlog is now at around 15,000 cases, but the police organization is confident it will be cleared in the next two months, according to the BBC.
“The security and integrity of the criminal justice system is of the highest possible priority, which meant we had to take stringent steps to ensure that police data had, firstly, not been manipulated or changed and, secondly, was suitably protected for the future,” said NPCC lead for the forensic marketplace, assistant chief Constable Paul Gibson.
Kaspersky principal security researcher, David Emm, said the case highlights the dilemma facing firms caught out by ransomware: whether to pay up.
“To avoid this issue in the first place, having offline and offsite data back-up is essential. The best mitigation to ransomware is having effective backup processes in place, which help companies to avoid an invidious situation where they are suddenly negotiating with cyber-criminals,” he added.
“However, if companies haven’t got a back-up and it’s too late, then they seriously need to weigh up what solution is best for them. Whilst the decision to pay a ransom to restore valuable data is entirely dependent on the victim and their unique situation, it is important to remember the following: you can never entirely trust cyber-criminals to keep their end of the deal and in paying large sums to them, you are helping to fuel an illegal economy and thus, will help to make ransomware a more lucrative business in the future.”