Home / Royal Mail / The ‘cyber incident’ involving Royal Mail appears to be a ransomware attack

The ‘cyber incident’ involving Royal Mail appears to be a ransomware attack

According to The Telegraph, the current “cyber incident” at the British postal service Royal Mail was caused by an attack that used ransomware tools from the LockBit hacker collective, which has ties to Russia. On Wednesday, Royal Mail announced the situation and stated that it could not dispatch items worldwide.

According to a ransomware note making the rounds on Twitter and purportedly sent to the postal service, the company’s data is “stolen and encrypted.” If a ransom isn’t paid, it will be made public online. “LockBit Black Ransomware,” which is believed to be LockBit’s most recent encryptor, is mentioned in the note.

According to BleepingComputer, the ransom message contains links to the Tor sites for the LockBit data leak and negotiation. However, a representative for the hacker group denied responsibility for the attack and said that someone else might have used its tools after they were exposed last September when the publication approached it for comment.

According to BleepingComputer, if this were the case, Royal Mail would be unable to contact the attacker because the note contains connections to LockBit’s websites. According to a service update from Royal Mail dated January 13th, it is still impossible to deliver packages abroad.

Disruption occurs at Royal Mail as a result of the “cyber incident”

Following a cyber breach, “Royal Mail is experiencing severe service disruption to our international export services following a cyber incident,” it states. “We are temporarily unable to despatch items to overseas destinations. We strongly recommend that you temporarily hold any export mail items while we work to resolve the issue.”

According to The Telegraph, the malware attacked crucial the postal service printers used to generate customs labels for foreign goods. According to BBC News, the postal service was previously publicly held before being privatised in 2013 and is seen as “critical national infrastructure.”

The notification from Royal Mail reads, “Our teams are working around the clock to resolve this disruption, and we will update you as soon as we have more information,” The National Cyber Security Centre of GCHQ and the National Crime Agency are supporting this inquiry. Royal Mail didn’t answer immediately when asked for a comment.

As per, The Financial Times, LockBit is a group that is reportedly based in Russia. According to The Telegraph, it has been held responsible for a number of ransomware assaults, including those against the Canadian town of St. Marys, Ontario, the car dealership Pendragon, and a children’s hospital. According to The FT, the demanded ransom for a company like Royal Mail is more than $1 million.




Source link

About admin

Check Also

Royal Mail responds to claims of 10-day waits for Christmas post across Canterbury, Whitstable and Herne Bay

Royal Mail says it is working to clear a busy Kent delivery office by Christmas …

Leave a Reply

Your email address will not be published. Required fields are marked *