On the 9th March 2019, the England and Wales Police Federation [PFEW] were subjected to a ransomware attack on the main computer system in their Surrey Headquarters. The attack disabled their email connections and locked them out of their files. This was confirmed in their Twitter feed
It took them 12 days to report the incident and presumably this time was used to analyse the extent of the attack and what their level of disclosure should be.
“Every UK Government department has come under intense cost-cutting measures in recent years and the police are one of many having to do more with less. A successful attack on central government, police or medical facilities has to be the ‘cherry on the cake ‘ for any criminal because they will have the funds to pay the ransom. They will have no option to pay the ransom when we consider the nature of their data” said Max Lister [Security Analyst].
Max goes on to say “attacks like this are the ‘new normal’ with network managers having to be lucky all of the time and the criminals to be lucky only once.”
“The fact that the UK Police Federation has fallen victim to a ransomware attack shows that no system, not even those being defended by industry experts, is invulnerable,” said Max Heinemeyer, director of threat hunting at Darktrace.
Response
According to the Police Federation, soon after the attack, experts had cut off the malware to stop it from spreading even further.
Coincidentally, this attack took place just 2 days after the aluminium manufacturer Norsk Hydro was attacked was hit by a new type of ransomware named LockerGoga.
Nobody knows if any data had been stolen. Data theft is unlikely to happen during this type of attack, however it will be something they will be checking in the coming weeks.
How to prevent a ransom attack
How does anyone protect themselves from a total wipe out of data following a ransom attack?
From our point-of-view at BOBcloud, this is the type of disaster that our customers face every day. The end result would be the same if a server suffers a total hardware failure or is simply stolen.
There are numerous ways to prevent such an attack and no system is infallible when everything has to be connected to the Internet. It is the right approach to have everything protected, however it is also a good idea to have a fool proof backstop by way of an offsite backup.
With BOBcloud you can backup all of your data simply, concurrently and automatically to more than 200 different types of destination in more than 50 countries. We support backup destinations on the most common clouds such as Azure and AWS as well as most sync services including Dropbox, Google Drive and OneDrive. You can backup to your own hardware using FTP or SFTP in your office or data centre.