The Royal Mail’s IT systems became the target of a LockBit ransomware attack that demanded an $80 million ransom from the company. The hackers exploited the company’s vulnerabilities or through phishing attacks to access its network and encrypted its files to demand a large ransom payment in exchange for the decryption key. Cybersecurity experts note that LockBit might have intended to target the company’s parent organization, IDS, but made an error while doing so.
Royal Mail Negotiates with LockBit for Weeks, Refuses to Pay Ransom
After discovering the LockBit ransomware attack, representatives of the Royal Mail negotiated with the scammers for several weeks. However, the company eventually refused to pay the demanded ransom amount. Journalists claimed that LockBit demanded a new negotiator as the previous one tried to obtain decryption of files under the guise of documents for sending medical equipment.
LockBit Demands 0.5% of Income from Royal Mail
During the correspondence between the Royal Mail and LockBit, the hackers stated that they demanded only 0.5% of the company’s income. However, the company replied that they did not have such an amount and recorded only losses every year. Royal Mail declined to comment on the authenticity of the chat, which ended up on the web.
LockBit is Known for High-Profile Ransomware Attacks
LockBit is a well-known ransomware group that has carried out several high-profile attacks on various organizations in the United States and Europe. One of the most notable attacks was on the Accenture consulting firm in 2021. The group typically demands large ransom payments in exchange for the decryption key, often in the millions of dollars. Organizations need to implement robust cybersecurity measures, regularly back up data, and be vigilant for potential security breaches to protect themselves from such attacks.
Protecting Against Ransomware Attacks
To safeguard against ransomware attacks, organizations must implement robust cybersecurity measures, such as regularly updating software and operating systems, using strong passwords and multifactor authentication, and training employees to identify and avoid phishing scams. Companies should also regularly back up their data, both on-site and off-site, to ensure that they can quickly restore their systems in case of an attack. Being vigilant for potential security breaches can also help companies detect and respond to attacks promptly.