The biggest forensics company pays ransom after cyberattack

According to website security audit specialists, Eurofins, the leading provider firm of forensic analysis had to pay a ransom after a group of malicious hackers attacked them, which in fact paralyzed all its operations.

The British firm, which hoards nearly half of this market in Europe, was the victim of a “highly sophisticated ransomware attack” last June 2nd. According to Eurofins representatives, about three weeks later the company’s systems had been almost entirely restored.  

According to website security audit experts, the company agreed to pay threat actors a significant amount to regain control of their information technology infrastructure; the firm has not disclosed the amount it had to pay the malicious hackers.   

As mentioned in past opportunities, ransomware is a variant of malware that hackers inject into the victims’ IT systems, blocking their access to files and/or systems, or encrypting users’ information, to force them to pay a ransom in exchange for establishing their access again.

This incident has hindered the progress of some investigations and legal processes, and the British authorities cannot delegate these activities to other forensic companies, as at the moment the information is in the hands of Eurofins.

The company has not responded to requests for information from the cybersecurity community. The latest update on the incident published by Eurofins mentions that the company had identified the malware variant used by hackers, allowing them to implement appropriate security measures to mitigate greater risks. The National Crime Agency, in charge of investigating this incident, says it is not for it to make judgments about the company’s decision to pay the ransom to hackers.

Website security audit experts at the International Institute of Cyber Security (IICS) mention that this is not the first time a company like Euofins suffers a cybersecurity incident. Previously, forensic firms Key Forensics Services and Randox Testing Services suffered cyberattacks for a variety of purposes.