Forensic Files: How Better Risk Management Practices Can Keep the Court Systems Moving

When The Guardian reported last weekend that the main supplier of forensics services to the UK police force had suffered a ransomware attack a few weeks before, placing on high-alert status many agencies around the globe (including the National Cyber Security Centre), we contacted our friends at riskmethods for some expert commentary on the decision to temporarily suspend all law enforcement submissions to Eurofins Forensics Services. While the victim of the attack now states everything is back to normal, the repercussions of a data breach can be huge – beyond financial.

News of a cyber-attack against the UK’s largest private forensic company, Eurofins Forensic Services, led police to suspend all work with the company until the issue can be investigated and resolved to the satisfaction of law enforcement. The decision was significant as Eurofins currently conducts more than 50 percent of testing in UK cases, totaling over 70,000 criminal cases each year.

While the immediate impact of this decision could lead to delays for forensic testing for some court cases, the risk of carrying forward with potentially tainted findings are just too great to proceed - paling in comparison to what could unfold if the evidence examined in these labs were to be called into question in future court proceedings. For an example of what can happen when the validity of evidence and forensic findings are questioned, the William A. Hinton State Laboratory Institute in Boston, Massachusetts, is a prime case study. In this case, a former lab technician was discovered to have forged or altered findings putting more than 23,000 convictions in jeopardy. The fallout far exceeded any potential delays on the front end.

“The Eurofins case represents the ultimate ripple effect moment and worst-case scenario for the UK government and a failure on their part to adequately manage supply chain risk,” says Bill DeMartino, General Manager of riskmethods North America. “While a delay of this magnitude will certainly create chaos in the short-term, to proceed knowing the findings from these labs would be brought into question later would be reckless and irresponsible.  As bad as it is now, it would only get worse if they hadn’t taken action to suspend activities by these labs.”

Eurofins highlights the fact that no matter whether you are in manufacturing, healthcare, or a government entity, you are at risk for vendor shortcomings, accidents or malpractice. While this was a cyber attack on a private company, the UK government stands to bear the greatest impact as this is their principal supplier of forensic services and analysis.

The fact that the UK government relies so heavily upon one company for its forensic analysis is a violation of a core tenant of risk management: Never create a single source of failure in your supply chain. While they are not the only private contractor used by authorities in the UK, they manage a large enough volume that an interruption in service can create bottlenecks throughout the entire system.

While law enforcement absolutely made the right call in suspending activities with these labs until it can be verified that no evidence was compromised, the greater point is that they should be more diversified in their contracting so that they could continue proceedings without interruption when a significant issue arises.

First Voice

  1. Peter Smith:

    There used to be a government-owned forensic Science Service. Even though I worked around government and the police service a fair bit, I never got to the bottom of why politicians (and perhaps top Home Office civil servants too) hated it so much. It was closed in 2012 with the view that private sector providers could do the work better. Hhhmmm..
    Also, one of several short briefing papers I wrote for riskmethods was on cyber risk. If any readers are interested – still available here! https://www.riskmethods.net/resources/cyber-risk/

Discuss this:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.