29 April 2019
Last month the Police Federation of England and Wales’ (PFEW) IT systems suffered from a string of cyber attacks.
On Saturday 9 and Thursday 21 March, systems at our HQ in Leatherhead were subject to a malware attack which impacted a number of databases and servers. As a result, The Hub (our internal website for reps) was disabled and we were unable to update this website – please bear with us as we check and update content across this site – if you have any queries or think information is missing or come across a broken link please contact us. The main www.polfed.org website was also affected.
The PFEW was alerted to the first incident – which only affected HQ – at around 7pm on 9 March through security systems, but the second attack affected the majority of local branches.
On becoming aware of the attacks, the PFEW immediately disconnected the network to stop further spread before reporting them to the National Cyber Security Centre (NCSC), the National Crime Agency (NCA) and the Information Commissioner's Office (ICO).
Following the first attack, BAE Systems was instructed – a leading forensics firm – to assist with the response. The PFEW is continuing to work with them and they were on site during the second attack.
There is no evidence any personal data has been extracted from the PFEW at either the HQ or any branch, however, this cannot be ruled out and investigations continue. While the risk of data being extracted or misused is low, the PFEW alerted members as to the potential risk at the earliest opportunity.
The complex matter is the subject of a criminal investigation and the PFEW has had to liaise carefully with relevant authorities as to the information that can be made public, therefore they were unable to notify members sooner.
National Chair, John Apter, said: “The impact on PFEW systems is significant and I want to offer my reassurance that we are doing everything possible, working with the National Crime Agency and BAE Systems – who are experts and professionals in this type of criminal activity – to stop any further damage.
“The necessary steps were taken to tackle the first attack and re-establish business and support for our members.”
Indications are that the first attack was not targeted specifically at the PFEW and was likely part of a wider campaign, but we cannot speculate as to the second attack at this stage.
Mr Apter continued: “Everyone and anyone is vulnerable to cyber attacks like this and unfortunately the reality is that once hit, you can become the target of further attacks.
“Our priority remains to secure and stabilise the situation in order to get branches back up and running as soon as possible, with our members at the forefront of all decisions that are being made.”
The NCSC recommends PFEW members be vigilant to suspicious emails, texts and phone calls.
Those concerned about fraud or lost data can visit Action Fraud or call 0300 123 2040.
Advice can also be obtained from the National Cyber Security Centre.
For more information please read the cyber attack FAQs on the national PFEW website