Connect with us

Hi, what are you looking for?

Business

Royal Mail ransomware attackers threaten to publish stolen data

Royal Mail has been hit by a ransomware attack by a criminal group, which has threatened to publish the stolen information online.

The postal service has received a ransom note purporting to be from LockBit, a hacker group widely thought to have close links to Russia.

Royal Mail revealed that it had been hit by a “cyber incident” on Wednesday, and said it was unable to send parcels or letters abroad. The company asked customers to refrain from submitting new items for international delivery, although domestic services and imports were unaffected.

Ransomware attackers exploit gaps in organisations’ security to install their own software and encrypt files so they are unusable. They then ask for a ransom, often in cryptocurrency, which can be harder to trace because it is not reliant on the banking system.

Printers at a Royal Mail distribution site near Belfast in Northern Ireland started printing ransom notes, according to the Telegraph. The note said: “Lockbit Black Ransomware. Your data are stolen and encrypted.”

Online security researchers posted photographs purporting to show the ransom note on social media.

Royal Mail has reported the incident to the UK’s government-run National Cyber Security Centre, the National Crime Agency and the Information Commissioner’s Office. It has not publicly revealed any details regarding the nature of the incident.

Organisations that have been hit by ransomware range from the National Health Service to businesses of almost every size. The Guardian was hit by a ransomware attack last month.

Andrew Brandt, a principal researcher at Sophos, a cyber security company, said the Lockbit ransomware software is thought to have been developed by criminals mainly from Russia and other former Soviet republics. It gives criminal affiliates access to the software in exchange for a cut of any ransoms.

Ransom demands against organisations listed on a publicly available website ranged from around $200,000 (£165,000) to almost $1.5m, Brandt said.

“Something Royal Mail is going to have to consider is whether or not they are going to pay a ransom,” Brandt said. “I’m a bit of a purist and [say] they should never pay these people anything.”

However, it can be a “delicate balance” for organisations depending on the severity of the attack and what data has been taken, he said.

Royal Mail has not indicated when it expects to be able to resume international deliveries. The company has already been heavily affected by workers’ recent strike action, and a new ballot is planned this month to approve further industrial action in the dispute over pay and changes to working conditions.

Smaller exporting companies are thought to be the most affected by the delays. Tina McKenzie, policy chair of the Federation of Small Businesses, said companies had already been through “a tumultuous Christmas period after postal strikes, and this latest cyber incident is the last thing they need”.

It is “an already challenging time” for smaller exporters, she said. “In the context of global supply chain disruption, rising shipping costs and more paperwork, this creates a very worrying picture.”

Read more:
Royal Mail ransomware attackers threaten to publish stolen data

    You May Also Like

    Business

    1.22 billion people use Instagram every month. That’s a huge number of Instagrammers trying to hit it big on the platform all at the...

    Business

    The head of the International Monetary Fund has warned of increased risks to the stability of the financial system after weeks of banking sector...

    Business

    Since the rise of online casinos, cybersecurity has become a major concern for both casino operators and players alike. The transactions that go around...

    Business

    The Home Office has made next to no progress in tackling criminal fraud during the past five years, despite it having become Britain’s most...

    Disclaimer: rightdecisionnow.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

    Copyright © 2023 rightdecisionnow.com | All Rights Reserved