Wave Systems Corp. (fka WAVXQ)

[Methinks]

UK's biggest forensic services firm pays ransom to criminals after hackers launch cyber-attack on its IT systems

https://www.dailymail.co.uk/news/article-7216621/UKs-biggest-forensic-services-firm-pays-ransom-criminals-hack.html

Eurofins Scientific was infected with 'ransomware' computer virus a month ago

The firm, Britain's largest forensics testing lab, is reported to have paid a ransom

Court cases and criminal investigations were put on hold after the cyber attack

By ED RILEY FOR MAILONLINE

PUBLISHED: 12:06, 5 July 2019 | UPDATED: 14:53, 5 July 2019

View comments
Britain's largest forensics testing firm has paid a ransom after its IT systems were targeted in a cyber attack, it has been reported.

Eurofins Scientific, which has laboratories in Cambridgeshire, Oxfordshire and Derbyshire, was infected with a 'ransomware' computer virus a month ago.

Eurofins is responsible for more than 50% of the UK's forensic science market and processes more than 70,000 for police every year.

Court cases and criminal investigations were put on hold by UK police after the attack.

The firm's IT systems were disrupted and taken offline as a result and the company released a statement saying the attack had been 'highly sophisticated and well-resourced.'

Just a week ago the firm said its operations were 'returning to normal.'

Luxembourg-based Eurofins Scientific was hit by the attack over the weekend of June 1 to 2 (pictured, a technician searching for fingerprints on a knife at Eurofins) +3
Luxembourg-based Eurofins Scientific was hit by the attack over the weekend of June 1 to 2 (pictured, a technician searching for fingerprints on a knife at Eurofins)

The National Crime Agency, which is investigating the attack, said it was a 'matter for the victim' as to whether a ransom had been paid, the BBC reported.

The BBC has not been told how much money was involved in the ransom payment or when it was paid.

The ransom is likely to have been paid between 10 June, when Eurofins issued a lengthy statement about the attack, and June 24 when it published an optimistic update, saying it had 'identified the variant of the malware used', the BBC reports.

It said: 'We are continuing to work intensively with leading cybersecurity experts to further secure our current systems and infrastructure and to add enhanced security features and measures to protect our systems and data.'

'The investigations conducted so far by our internal and external IT forensics experts have not found evidence of any unauthorised theft or transfer of confidential client data.'

Eurofins said it would also not comment on whether a ransom had been paid or not.

It added it was 'collaborating with law enforcement' in the UK.

A criminal probe was launched after the attack and the National Police Chiefs' Council said all submissions to the firm were temporarily suspended.

No data appeared to have been stolen in the breach, but Eurofins said customers could experience 'potential temporary disruption or delays to some of its services'.

This was highlighted when a court in Kent was told the firm was still in a 'cyber crime lockdown', more than two weeks after the breach, and that neither the prosecution or defence could have access to forensic material.

The National Crime Agency is leading a criminal probe into the attack.

Rob Jones, Director of Threat Leadership at the NCA said today: 'The National Crime Agency is leading the criminal investigation into a recent cyber incident that has affected Eurofins Scientific.

Eurofins Scientific has offices in Cambridgeshire, Oxfordshire, south west London and Derbyshire

-------------------------------------------------------------------
https://www.wavesys.com/wave-alternative

The IT perimeter is gone

With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.

It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.

You have to start with the device

Wave has an alternative: security that’s built into each and every device.

We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.

We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.

Security that’s confirmed, not assumed

With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.

A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.

Do we need to say that with Wave, compliance is no problem?

Start closing your security gaps today, with what you’ve got

You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.

It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.

Questions? Read on, or contact our sales department.
==================================================================
https://www.wavesys.com/products/wave-virtual-smart-card

https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

https://www.wavesys.com/products/wave-self-encrypting-drive-management

==================================================================
The links below can help organizations with enabling better cybersecurity solutions.

https://www.wavesys.com/

https://www.wavesys.com/contact-information