The largest forensic services provider in the UK, Eurofins Scientific, has reportedly paid a ransom to criminals after its IT systems were disrupted in a cyber-attack. The amount of the ransom has not been disclosed, though BBC News reported that the attack also resulted in British police suspending their work with the global testing company.
Law enforcement agencies have refrained from sending new samples to Eurofins for analysis, according to reports. The Crown Prosecution Service told the BBC: “We are working to make sure all hearings remain fair and based on reliable evidence. While investigations are ongoing, prosecutors will assess the impact on a case-by-case basis. Cases where forensic evidence does not play a major role will continue as usual if all parties agree. If test results provided by Eurofins are central, we will seek to adjourn cases for the shortest possible period.”
Given that the investigation of the attack remains ongoing, Eurofins is refraining from commenting.
“This kind of attack was inevitable. While many security experts warn about paying ransoms or entering into negotiations, the answer in reality comes down to simple economics,” said Barry Shteiman, vice president of research and innovation at Exabeam.
“If the downtime caused by data being unavailable, or by the backup restoration process, is more expensive than paying the ransom, then organizations should pay. Equally, if giving up on the encrypted data has a higher cost in lost revenue or intellectual property than remediation, then you can also see why an organization would pay the ransom. Of course, this is a last resort, if all other options have been exhausted,” Shteiman continued.
Still, ransomware is only one type of attack that organizations need to protect against, said Derek James, regional director of EMEA for WhiteHat Security. “You need to protect against all threats, not one specific one. For the companies that are truly concerned about ransomware, in addition to vulnerability assessments, they can follow some easy industry best practices. Backing up data and using up-to-date encryption will help negate some of the risk of ransomware.”