National Crime Agency leading inquiry after malware assault
A criminal investigation has been launched after the headquarters of the Police Federation of England and Wales suffered a malware attack that deleted and encrypted portions of its backup data.
The attack, which took place on 9 March, affected “a number of databases and servers”. It disabled email services and rendered files inaccessible.
There is currently no evidence to suggest any data was “extracted or misused”. There is a low risk of any such activity being discovered, although the possibility cannot be discounted, according the federation.
- NCA cybercrime unit looks to deepen ties with Russia’s neighbours
- How can the public sector manage cyberthreats?
- National Crime Agency flags up need for more big data skills
“All indications are that the malware did not spread any further than the systems based at Federation House, the organisation’s Surrey headquarters, with none of the 43 branches being directly affected,” PFEW added.
The cyber breach – which the federation does not currently believe was targeted specifically at the organisation but, rather, was part of a wider assault – was discovered via internal security systems at 7pm on the day in question.
“We isolated the infection and took some services offline in order to minimise spread,” PFEW said. “We immediately instructed a leading forensics firm, BAE Systems, to assist with the response.”
The day after the attack, the incident was reported to the National Cyber Security Centre and the National Crime Agency – which is now leading the criminal investigation. The Information Commissioner’s Office was alerted to the breach on Monday 11 March.
PFEW, which is the statutory staff association for police constables, sergeants, inspectors, and chief inspectors across England and Wales, represents around 120,000 officers. It claimed that “various categories of individuals… including our members” were affected by the breach. Anyone impacted will be personally contacted presently, PFEW said.
PFEW national chair John Apter said: “We are deeply sorry that this has happened. The Police Federation takes data security very seriously and responded immediately on becoming alerted to this incident. Our priority has been to mitigate the damage caused by the attack and to protect the personal data of our members and others whose data we hold.”
The federation has set up a dedicated website bringing together its statement on the attack and the answers to a list of questions. At 12pm today it also launched a helpline – the number for which is 0800 358 0714 – to provide advice for anyone who has concerns.