Thursday, December 5, 2024
HomeCyber Security NewsUK's Biggest Forensic Services Provider Paid Huge Ransom After Their Systems Lock...

UK’s Biggest Forensic Services Provider Paid Huge Ransom After Their Systems Lock Down by Sophisticated Ransomware

Published on

SIEM as a Service

The UK based one of the most prominent forensic firm Eurofins Scientific suffering cyber attack with ransomware and, they paid to ransom to cybercriminals.

Eurofins Scientific work with the police department to solve tens of thousands of criminal cases each year across the U.K.

Eurofins computer network hit with a sophisticated ransomware attack which forces them to pay ransom to hackers.

- Advertisement - SIEM as a Service

It was unclear how much ransom amount was exchanged between hackers and the Forensic Firm which was attacked last month.

Read: Ransomware Attack Response and Mitigation Checklist

The ransomware attack hit the company, which accounts for over half of forensic science provision in the UK, on the first weekend in June.

Ransomware is one of the dangerous cyber attacks that infected the victim with highly strong encryption keys and lock down the system files to demand the ransom amount in order to unlock it.

A common factor of Ransomware is that very strong Encryption (2048 RSA key) method are using for all the Ransomware variant which is estimated to take around 6.4 quadrillion years to crack an RSA 2048 key by an average desktop computer.

According to BBC report, “The ransom is likely to have been paid between 10 June, when Eurofins issued a lengthy statement about the attack, and June 24 when it published an optimistic update, saying it had “identified the variant of the malware used” in the attack and had strengthened cyber-security”

The company said that they are investigating the incident with leading cybersecurity experts and also confirms that there is no evidence of any unauthorized theft or transfer of confidential client data.

“Eurofins deals with over 70,000 criminal cases in the UK each year. It carries out DNA testing, toxicology analysis, firearms testing and computer forensics for police forces across the UK.”

Also, an emergency police response to the cyber-attack was led by the National Police Chiefs’ Council (NPCC) to manage the flow of forensic submissions so DNA and blood samples which needed urgent testing were sent to other suppliers. BBC reported.

Eurofins said the attack was “well-resourced” but three weeks later said its operations were “returning to normal”.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

I-O DATA Routers Command Injection Vulnerabilities Actively Exploited in Attacks

I-O DATA DEVICE, INC. has announced that several critical vulnerabilities in their UD-LT1 and...

ChatGPT Next Web Vulnerability Let Attackers Exploit Endpoint to Perform SSRF

Researchers released a detailed report on a significant security vulnerability named CVE-2023-49785, affecting the...

Cisco NX-OS Vulnerability Allows Attackers to Bypass Image Signature Verification

A critical vulnerability has been identified in the bootloader of Cisco NX-OS Software, potentially...

Deloitte UK Hacked – Brain Cipher Group Claim to Have Stolen 1 TB of Data

Brain Cipher has claimed to have breached Deloitte UK and exfiltrated over 1 terabyte...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

I-O DATA Routers Command Injection Vulnerabilities Actively Exploited in Attacks

I-O DATA DEVICE, INC. has announced that several critical vulnerabilities in their UD-LT1 and...

ChatGPT Next Web Vulnerability Let Attackers Exploit Endpoint to Perform SSRF

Researchers released a detailed report on a significant security vulnerability named CVE-2023-49785, affecting the...

Cisco NX-OS Vulnerability Allows Attackers to Bypass Image Signature Verification

A critical vulnerability has been identified in the bootloader of Cisco NX-OS Software, potentially...