The National Police Chiefs’ Council (NPCC) has approved the return of Eurofins Forensics Services to the forensics marketplace following the criminal cyber attack suffered in June. The ransomware attack – targeting parent company Eurofins Scientific – affected the IT systems of its forensics subsidiary, which is based in the UK and is one of the primary forensic service providers to UK policing.
As a result, the NPCC temporarily suspended all law enforcement submissions to Eurofins Forensics Services in order to safeguard policing data and the criminal justice system.
Following weeks of sustained effort by the NPCC, Eurofins, the Home Office, the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC), the NPCC’s lead for the forensic marketplace, Assistant Chief Constable Paul Gibson, has recommended Eurofins can resume operational work on behalf of policing.
“It has taken weeks of concerted effort across Government, law enforcement and the company themselves to achieve this extremely positive step forward,” said ACC Gibson. “The security and integrity of the criminal justice system is of the highest possible priority, which meant we had to take stringent steps to ensure that police data had, firstly, not been manipulated or changed and, secondly, was suitably protected for the future. There is still significant work to do, but we have approved Eurofins’ return to the marketplace and have removed the restrictions placed on forces over the last few weeks.”
National Contingency Plan
The National Contingency Plan, which placed caps and restrictions on the amount of samples submitted by forces to the forensics marketplace, has now been lifted and policing can begin a transition back to business as usual – a process that will be carefully managed and is expected to take around two weeks, although there will be longer delays in some forensic disciplines.
Weeks of reduced capacity has meant that backlogs of approximately 15,000 samples have built up across the country, but Eurofins’ return will allow the marketplace to gradually build back to the strength it was at before the cyber attack took place.
“We will continue to monitor and assess the impact on the marketplace,” continued ACC Gibson, “but the backlogs held by forces will be cleared over the weeks to come as we start to gradually restore capacity. This will regrettably mean some delays to both investigations and court cases, but I want to assure the public we will continue to work diligently to mitigate the impact upon the criminal justice system and try to ensure that samples can be processed as quickly as the system allows.”
The NCA continues to lead the criminal investigation into the cyber attack, but due to the quantity of data involved and the complexity of the enquiries it’s not deemed appropriate to update on the investigation at this stage.