Back-ups deleted in Police Federation ransomware attack
The Police Federation of England and Wales has been hit by an apparent ransomware attack impacting several of its databases and servers.
The association, which represents 119,000 officers, fell victim to a ransomware attack on 9 March, but was only revealed yesterday (March 21st). Several databases and email systems were encrypted, according to the organisation, leading to some disruption to its services. Its backup data had also been deleted.
"There is no evidence at this stage that any data was extracted from our systems but this cannot be discounted," the organisation said in a tweet.
In a later tweet it said that, "all indications are that the malware did not spread any further than they systems based at our Surrey headquarters, with none of the 43 branches being directly affected."
In an FAQ it later said that "a number of databases and systems were affected. Back up data has been deleted and data has been encrypted and became inaccessible. Email services were disabled and files were inaccessible."
"As a precaution we are contacting individuals who are potentially affected, including our members, and will be providing them with further helpful information, including as to how they can make enquiries."
The incident is now been reported to the National Cyber Security Centre, the Information Commissioner and the National Crime Agency. An investigation has been started.
"The National Crime Agency is leading an investigation and broader law enforcement response into the cyber-incident affecting the Police Federation of England and Wales (PFEW)," said a statement by the NCA.
"Specialist officers from the NCA’s National Cyber Crime Unit (NCCU) are managing the ongoing investigation and are working with the PFEW and the National Cyber Security Centre (NCSC) to gain a better understanding of the incident.
"Our investigations into these types of incidents are often complex and can take some time before the full details are established. As our enquiries are ongoing, we cannot comment further at this time," it added.
Max Heinemeyer, director of Threat Hunting at Darktrace told SC Media UK that the fact that the UK Police Federation has fallen victim to a ransomware attack shows that no system, not even those being defended by industry experts, is invulnerable.
"In the wake of this week’s Norsk Hydro attack, we are seeing a slight resurgence of ransomware. The danger is that these attacks don’t have to be technically sophisticated to be devastating. They often abuse systematic weaknesses such as software vulnerabilities, outdated patches and weak administrative credentials. We have even seen some late strains of ransomware with a surprisingly low detection rate by commercial antivirus software," he said.
"Clearly, building walls is no longer enough. Organisations across all sectors will have to adopt AI defences, to catch attackers already on the inside."
Roy Rashti, cyber-security expert at Bitdam, told SC Media UK that large organisations are high-value targets for cyber-criminals.
"Organisations like the PFEW are a gold mine for attackers. Their high-level of communication with the public means that employees are more likely to receive emails from external contacts and, subsequently, at greater risk of being targeted and compromised," he said.
"Therefore, these organisations must ensure that attacks are blocked from reaching end users’ to prevent adversaries from penetrating their networks; particularly via email, the path most travelled by cyber-criminals in today’s climate."
Industry: Cyber Security News
- Sailpoint IIQ Consultant
- Up to £75,000
SailPoint IIQ consultant- London We are looking for a strong SailPoint IIQ consultant to work for this global enterprise, in this position you will be the lead consultant in regard to the IAM and PAM tools Duties include Responsible for designing, developing, testing, implementing, and integrating IAM (SailPoint) systems and solutions. Assessing requirements for Identity and Access Management solutions to meet stakeholders needs. Provide support for production IAM infrastructure systems and processes. Ensures the maintenance, patching, operating, and monitoring of IAM systems. Ensures senior management and staff are informed of any changes and updates in a timely manner. Experience with Maintaining and supporting SailPoint IIQ Assessing requirements for Privilege Access Management solutions to meet stakeholders needs We are looking for someone with the following experience SailPoint IIQ experience Expertise working with SailPoint Identity IQ platform - Access Lifecycle Management, Certifications, Role Management Expertise in onboarding applications with various connectors like Active Directory, JDBC, SCIM 2.0, Azure Active Directory Expertise in developing APIs (SCIM, REST) leveraging Java based developmentExperience of Privileged Access Management concepts and use cases Unfortunatly we are unable to provide sponsorship for this opportunity, therefore applications will need to be able to work in the UK
- SailPoint Consultant- Netherland-
- upto €700 per day
We are looking for a highly skilled SailPoint IIQ Consultant to work on a major deployment project. The ideal candidate will have experience with all aspects of SailPoint IIQ, including development, configuration, and administration. They will also be able to work independently and as part of a team to deliver high-quality results. · Responsibilities · Develop and configure Sailpoint IIQ solutions · Integrate SailPoint IIQ with other systems · Support SailPoint IIQ deployments · Provide technical support to users If you are a highly skilled SailPoint IIQ consultant who is looking for their next project, we encourage you to apply. look forward to hearing from you!
- Lead CyberArk deployment Consultant
- Upto £80,000 plus benefits
CyberArk Consultant is needed to be responsible for leading the deployment of CyberArk solutions for this expanding IT services business, You will work with customer both pre and post sales, getting involved in CyberArk Solution Design, helping to create CyberArk Strategic Roadmaps, on-boarding accounts, product and process integration into the CyberArk Solution and Proviso of Installation and technical Documentation. We are looking for this individual to have experience in: Installation of CyberArk PAS for V11.X and V12.X (Vault, DR Vault, Central Policy Manager and Password Vault Web Access) Upgrade of CyberArk from V9 and V10 (Vault, DR Vault, Central Policy Manager and Password Vault Web Access) Installation and Upgrade of Privilege Session Manager and Privilege Session Manager Proxy As some of your client will be government site, all individual will need to be put through SC clearance, therefore you must be eligible to receive this and happy to be put through(With a British Citizen or to have lived in the UK for the past 5 years) We are unable to provide work visa sponsorship for this opportunity
- Senior Business Analyst - Outside IR35 Contract, SC Clearance Required, London
- £400 per day outside IR35
Senior Business Analyst - Outside IR35 Contract, SC Clearance Required, Based in London Project- to engage with colleagues and stakeholders to investigate and model business functions, processes, information flows and data structures, using a range of business analysis techniques. • You will translate the solution to the business problem into detailed requirements by creating user stories and well-defined acceptance criteria. • Elicit end-to-end business requirements for a live cross-government service • Working across the Government departments to bring together varied business and operational outcomes to form a holistic overall set of service requirements Current SC clearance is required. As is the ability to travel to London.