Royal Mail turns down $80m ransom demand from Lockbit
In January, Royal Mail fell victim to a ransomware attack that disrupted its operations when hackers gained access to their software and encrypted their files. The attack highlights the growing threat of cybercrime and the importance of taking proactive measures to prevent such incidents.
The impact of the attack on Royal Mail is significant with customers initially being unable to send packages abroad, which has now caused week-long delays in parcels being delivered internationally.
Ransomware is a type of malware that encrypts a victim's data and demands a ransom in exchange for the decryption key. In Royal Mail's case, the attackers were able to access and encrypt the company's files, bringing some of its operations to a halt.
While the company has not disclosed the exact details of the attack, most ransomware attackers will gain access to a company's network through a phishing email or by exploiting a vulnerability in the company's systems. Once inside, they can move laterally through the network, infecting other systems and encrypting data.
A hacking group known as Lockbit has claimed responsibility for the attack and has since demanded $80m or they will release large amounts of data. However, a negotiator who is speaking to the group on behalf of Royal Mail has rebuffed claims that they are only asking for 0.5% of the company’s revenue, stating that the parent company International Distribution Service (IDS) has a large turnover whilst Royal Mail has suffered a number of financial losses over the last few months, with job cuts and postal strikes being made.
If Lockbit does release the data, Royal Mail could be facing a much greater fine from the ICO (Information Commissioner’s Office) which fines companies 4% of their annual turnover if it were to become public that the company had failed to protect its data. Even with cyber insurance, this will not cover companies who failed to have the basic measures in place.
This incident serves as a reminder of the importance of cybersecurity and the need for organisations to take proactive measures to prevent such attacks. Companies should ensure that their IT systems are up to date and that they have the latest security software installed. They should also train their employees on how to recognise and avoid phishing emails, as these are common entry points for attackers.
Furthermore, organisations should have robust backup and disaster recovery plans in place to ensure that they can quickly restore their systems in the event of an attack. It is also important to have a response plan in place, outlining the steps to be taken in the event of a security breach.
The Royal Mail incident is just one example of the growing threat of cybercrime. As technology continues to advance and our reliance on digital systems grows, it is more important than ever to take cybersecurity seriously. By investing in robust security measures and educating employees on best practices, companies can protect themselves against attacks and minimise damage in the event of a breach.
To find out more about how our cyber experts can help your business, contact us today!
Cyber security services we provide include: