A criminal organization has targeted Royal Mail with ransomware and threatened to publish the stolen data online.
A ransom note from LockBit, a hacker group widely believed to have close ties to Russia, has been delivered to the postal service.
On Wednesday, Royal Mail stated that it was unable to send letters or parcels abroad due to a “cyber incident.” Despite the fact that domestic services and imports were unaffected, the company asked customers not to submit new items for international delivery.
Attackers using ransomware take advantage of security flaws in businesses to install their own software and encrypt files so they can’t be used. After that, they demand a ransom, frequently in cryptocurrency, which, due to its independence from the banking system, can be more difficult to trace.
The Telegraph reports that ransom notes were printed by printers at a Royal Mail distribution center close to Belfast in Northern Ireland. The note read, Ransomware named Lockbit Black. Your data are encrypted and stolen.
Woman at Christmas shopping online with laptop Labor attacks delays to online safety bill as it highlights Christmas scams Read more Researchers in online security posted photos on social media claiming to show the ransom note.
The incident has been reported by Royal Mail to the National Crime Agency, the Information Commissioner’s Office, and the UK government-run National Cyber Security Centre. It has not made any specifics about the nature of the incident public.
The National Health Service and businesses of all sizes are among the organizations that have been affected by ransomware. Last month, ransomware attacked The Guardian.
The Lockbit ransomware software is thought to have been developed by criminals primarily from Russia and other former Soviet republics, according to Andrew Brandt, a principal researcher at the cyber security company Sophos. In exchange for a share of any ransoms, it grants access to the software to affiliated criminal organizations.
Brandt stated that ransom demands against organizations that were listed on a publicly accessible website ranged from approximately $200,000 (£165,000) to nearly $1.5 million.
Brandt stated, “Something Royal Mail will have to consider is whether or not they are going to pay a ransom.” I think they should never pay these people anything because I’m a little bit of a purist.
However, he stated, it can be a “delicate balance” for organizations based on the extent of the attack and the data stolen.
The date Royal Mail plans to resume international delivery has not been disclosed. The recent strike action by workers has already had a significant impact on the business, and a new vote is scheduled for this month to approve additional industrial action in the dispute over pay and changes to working conditions.
The delays are thought to have the greatest impact on smaller exporting businesses. According to policy chair Tina McKenzie of the Federation of Small Businesses, businesses had already experienced “a tumultuous Christmas period after postal strikes, and this latest cyber incident is the last thing they need.”
She stated that it is “an already difficult time” for smaller exporters. This paints a very unsettling picture in the context of disruptions to the global supply chain, rising shipping costs, and more paperwork.
Royal Mail declined further comment.