Nick Abbot 10pm - 12am
Russia-linked hackers 'behind Royal Mail attack'
13 January 2023, 13:59
A hacker group with ties to Russia was behind this week's cyber attack on Royal Mail, it has been revealed.
The incident, which has paralysed Royal Mail's Worldwide Distribution Centre in West London, was carried out by hacker gang known as Lockbit.
The group specialises in installing its own software and encrypting files so they become unusable for the host company, before asking for a ransom.
Cryptocurrency is often the form of ransom hackers demand, usually because it is harder to trace.
A note left for Royal Mail said: “Lockbit Black Ransomware. Your data are stolen and encrypted," the Telegraph reported.
Royal Mail has since reported the attack to the National Crime Agency and the Information Commissioner’s Office.
Read More: Rifts in Russian military command seen amid Ukraine fighting
Read More: Royal Mail hit by ‘severe disruption’ to international export services following ‘cyber incident’
Royal Mail said on Wednesday it was suffering "severe service disruption" to its international export services following a cyber incident.
The company apologised and said its teams were "working around the clock to resolve this disruption". It said it would update customers when it had more information.
The company is calling it a "cyber-incident" rather than a cyber attack because it does not know what has caused the problem, the BBC has been told.
The back office system that has been affected is used by Royal Mail to prepare mail for despatch abroad, and to track and trace overseas items.
A spokesperson said: "We have asked customers temporarily to stop submitting any export items into the network while we work hard to resolve the issue.
"Some customers may experience delay or disruption to items already shipped for export.
"Our import operations continue to perform a full service with some minor delays.
"Our teams are working around the clock to resolve this disruption and we will update customers as soon as we have more information.
"We immediately launched an investigation into the incident and we are working with external experts.
"We have reported the incident to our regulators and the relevant security authorities.
"We would like to sincerely apologise to impacted customers for any disruption this incident may be causing."