Wednesday, February 8, 2023
Home Tech News A Russian hacking group may be behind the Royal Mail cyber attack

A Russian hacking group may be behind the Royal Mail cyber attack

Royal Mail told customers sending parcels abroad that it was facing ‘severe service disruption’ due to a cyber incident (Picture: SWNS.COM)

A ransomware group with links to Russia is suspected to be behind this week’s cyber attack disrupting Royal Mail’s international export services.

The postal service received a ransom note allegedly from LockBit, a hacker group widely thought to have close links to Russia, as reported by The Telegraph.

Printers at a Royal Mail distribution site near Belfast in Northern Ireland reportedly started printing ransom notes that said ‘Lockbit Black Ransomware. Your data are stolen and encrypted’.

On Wednesday, Royal Mail told customers sending parcels abroad that it was facing ‘severe service disruption’ due to a cyber incident.

The company asked customers to refrain from submitting new items for international delivery, although domestic services and imports were unaffected.

A statement said it was temporarily unable to despatch export items including letters and parcels to overseas destinations.

Royal Mail had reported the incident to the UK’s government-run National Cyber Security Centre, the National Crime Agency and the Information Commissioner’s Office.

’LockBit is a ransomware attack which couples extortion attacks. It automatically looks for potential suspects and then spreads the infection and encrypts all accessible computer systems on a network,’ said Jake Moore, Global Cyber Security Advisor at ESET.

‘Once data has been stolen and encrypted, the extortion tactics occur in order to make more money even if a backup process is in place,’ said Moore. ‘There are no existing Lockbit decryption tools,’

Preventive measures include using strong unique passwords in alliance with multi-factor authentication. Furthermore, systems need constant updating with the appropriate patches to ensure protection. Offsite and disconnected backups and a tested restore process are also vitally important.

DAILY MAIL ONLINE Busiest day of the year for the Royal Mail Heathrow world wide distribution centrer where employees expect to handle approximately 4.2m items. Slough, 18th December 2018

A ransomware group with links to Russia is suspected to be behind this week’s cyber attack disrupting Royal Mail’s international export services (Picture: SWNS.COM)

Attacks using LockBit originally began in September 2019, when it was dubbed the ‘.abcd virus’ in reference to the file extension name used when encrypting a victim’s files.

Organizations in the United States, China, India, Indonesia, Ukraine, France, the UK and Germany have been past victims of this type of attack.

It’s unclear when Royal Mail will be able to resume international deliveries or if it will comply with ransom demands.

‘I always advise never to pay the ransom as it ultimately funds future cyberattacks but I know the pressure is usually forced upon them in these situations and all while hindsight looms on them,’ said Moore.

‘Paying ransoms will never guarantee the safe redelivery of the data and can often bring further problems – financially and physically,’

Moore thinks that this will be a ‘wake-up call’ for Royal Mail and other companies to update, reassess and better protect their systems.



What is LockBit, the Russian ransomware group?

LockBit 2.0, entered the cybercrime space in July 2021 as an extortionist syndicate bringing talented hackers together to achieve for-profit or even political goals.

On August 23, 2021, a Russian-speaking tech blog YouTube channel ‘Russian OSNIT’ published an interview with the representatives of LockBit uncovering details of their operations.

The hackers said that they did not attack healthcare and educational institutions or social services and charities.

‘We value our reputation and destroy all of the victim’s data if the ransom is paid, guaranteeing full confidentiality of the deal,’ they said in the interview.

Last year, a Russian LockBit ransomware operator was arrested in Canada by Europol.


MORE : Royal Mail unable to send letters and parcels overseas after ‘cyber incident’


MORE : Hackers claim to have leaked the email addresses of 200,000,000 Twitter users

- Advertisment -

Most Popular

Vass Bednar: Why Canada needs a publicly owned cloud

Breadcrumb Trail Links Telecom Innovation Big Tech companies have become our...

Sorrento, B.C. woman wants improved highway safety after truck crashes into house

A woman in British Columbia’s Shuswap is calling for improved safety measures on the Trans-Canada Highway after an out-of-control 18-wheeler truck slid off of...

The best smart lamps of 2023

Searching for a smart lighting solution for your desk, end table, or nightstand? Consider adding a smart lamp to your shopping list. These versatile...

This is how Microsoft will compensate websites Bing and ChatGPT steals information from

Microsoft's industrial-scale theft of hand-written information is about to destroy thousands of small businesses, and I am entirely unsurprised. Today, Microsoft unveiled ChatGPT integration with...