Friday, March 29, 2024

UK’s Biggest Forensic Services Provider Paid Huge Ransom After Their Systems Lock Down by Sophisticated Ransomware

The UK based one of the most prominent forensic firm Eurofins Scientific suffering cyber attack with ransomware and, they paid to ransom to cybercriminals.

Eurofins Scientific work with the police department to solve tens of thousands of criminal cases each year across the U.K.

Eurofins computer network hit with a sophisticated ransomware attack which forces them to pay ransom to hackers.

It was unclear how much ransom amount was exchanged between hackers and the Forensic Firm which was attacked last month.

Read: Ransomware Attack Response and Mitigation Checklist

The ransomware attack hit the company, which accounts for over half of forensic science provision in the UK, on the first weekend in June.

Ransomware is one of the dangerous cyber attacks that infected the victim with highly strong encryption keys and lock down the system files to demand the ransom amount in order to unlock it.

A common factor of Ransomware is that very strong Encryption (2048 RSA key) method are using for all the Ransomware variant which is estimated to take around 6.4 quadrillion years to crack an RSA 2048 key by an average desktop computer.

According to BBC report, “The ransom is likely to have been paid between 10 June, when Eurofins issued a lengthy statement about the attack, and June 24 when it published an optimistic update, saying it had “identified the variant of the malware used” in the attack and had strengthened cyber-security”

The company said that they are investigating the incident with leading cybersecurity experts and also confirms that there is no evidence of any unauthorized theft or transfer of confidential client data.

“Eurofins deals with over 70,000 criminal cases in the UK each year. It carries out DNA testing, toxicology analysis, firearms testing and computer forensics for police forces across the UK.”

Also, an emergency police response to the cyber-attack was led by the National Police Chiefs’ Council (NPCC) to manage the flow of forensic submissions so DNA and blood samples which needed urgent testing were sent to other suppliers. BBC reported.

Eurofins said the attack was “well-resourced” but three weeks later said its operations were “returning to normal”.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Website

Latest articles

IT and security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey

A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed...

How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger

Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse...

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles