Royal Mail has told customers sending parcels abroad that there has been a “serious disruption” due to a cyber incident (Photo: SWNS.COM)

A ransomware group with ties to Russia is suspected of being behind this week’s cyberattack that disrupted Royal Mail’s international export services.

The postal service received a ransom note from LockBit, a hacking group widely believed to have close ties to Russia, The Telegraph reports.

Printers at a Royal Mail distribution center near Belfast, Northern Ireland, have reportedly started printing ransom notes labeled “Lockbit Black Ransomware. Your data is being stolen and encrypted.”

Royal Mail told customers sending parcels abroad on Wednesday that there was a “serious disruption” due to a cyber incident.

The company urged customers not to submit new items for international delivery, though domestic services and imports remained unaffected.

A statement said it was temporarily unable to ship export items, including letters and parcels, to overseas destinations.

Royal Mail had reported the incident to Britain’s National Cyber Security Centre, the National Crime Agency and the Information Commissioner’s Office.

“LockBit is a ransomware attack that links extortion attacks. It automatically searches for potential suspects and then spreads the infection and encrypts all accessible computer systems on a network,” said Jake Moore, Global Cyber Security Advisor at ESET.

“Once data is stolen and encrypted, extortion tactics are used to make more money, even if there is a backup process,” said Moore. “There are no existing Lockbit decryption tools.”

Preventive measures include using strong unique passwords in combination with multi-factor authentication. In addition, systems must be constantly updated with the appropriate patches to ensure protection. Offsite and separate backups and a tested recovery process are also essential.

LockBit attacks began in September 2019, when the ransomware was dubbed the “.abcd virus” after the file extension used when encrypting a victim’s files.

Organizations in the United States, China, India, Indonesia, Ukraine, France, the United Kingdom, and Germany have been victims of these types of attacks in the past.

It is unclear when Royal Mail will be able to resume international deliveries or meet the ransom demands.

“I always recommend never paying the ransom because it ultimately funds future cyberattacks, but I know that there’s usually pressure on them in these situations and everything after that is threatening,” Moore said.

“Paying a ransom is never a guarantee of a secure transfer of data and can often lead to further problems – both financial and physical.”

Moore believes this will be a wake-up call for Royal Mail and other companies to update, re-evaluate and better protect their systems.