Brit Police Federation cops to ransomware attack on HQ systems
Sort-of union for bobbies has triggered criminal investigation
The Police Federation of England and Wales (PFEW), a sort-of trade union for police workers, has been battling to contain a ransomware strike on the group's computer systems, it confessed this afternoon.
In a statement posted on Twitter, PFEW said it first noticed the attack infecting its systems on Saturday 9 March, "with cyber experts rapidly reacting to isolate the malware to stop it spreading to branches". It informed the ICO and the NCSC two days after the infection.
We can confirm we have been subject to a malware attack on our computer systems. We were alerted by our own security systems on Saturday 9 March. Cyber experts rapidly reacted to isolate the malware and prevent it from spreading #PFEWCyberAttack pic.twitter.com/8Zi49S82ZM— Police Federation (@PFEW_HQ) March 21, 2019
It added the attack "was not targeted specifically at PFEW and was more likely to have been part of a wider campaign", saying that so far it reckons the malware had only affected the organisation's Surrey HQ. It does not believe any data was extracted from its systems, reinforcing the notion that the incident could be down to run-of-the-mill ransomware.
"There is no evidence at this stage that any data was extracted from the organisation's systems, although this cannot be discounted and PFEW are taking precautions to notify individuals who may potentially be affected," said the association, which includes 120,000 constables, sergeants, inspectors and chief inspectors across 43 territorial forces.
The PFEW added in an FAQ: "A number of databases and systems were affected. Back up data has been deleted and data has been encrypted and became inaccessible. Email services were disabled and files were inaccessible."
The federation tweeted: "As a precaution we are contacting individuals who are potentially affected, including our members, and will be providing them with further helpful information, including as to how they can make enquiries."
Police workers reacted negatively to the news, with one posting on Twitter: "Why has it taken over 11 days to inform your members?"
The usual canned statement filled with apologies was also included in the customary statement, as was the insistence that PFEW took data security "very seriously" and had acted as soon as it was alerted to the malware.
BAE Systems' Cyber Incident Response Division is the federation's infosec firm. Perhaps unsurprisingly, police triggered a criminal investigation, having also involved GCHQ offshoot the National Cyber Security Centre and the National Crime Agency.
The federation carries out most of the functions of a trade union, inasmuch as it gives out advice to its members and engages with police managers on their behalf. However, there is one key difference: police constables are banned by law from going on strike. ®