Royal Mail starts moving ‘limited’ number of parcels after cyber attack
Royal Mail has started moving ‘limited volumes’ of export parcels following a cyber attack in January.
The company said it was trialling ‘operational workarounds’ but continued to ask customers not to submit any new export parcels into the network.
A statement said: ‘Our initial focus will be to clear mail that has already been processed and is waiting to be despatched.
‘We are pleased to announce that we have resumed the export of letters which do not require a customs declaration to all international destinations.
‘From 1900 this evening, customers will be able to start submitting international export letters which do not require a customs declaration into the Royal Mail network again through all channels including Royal Mail post boxes and Post Office branches.
‘Royal Mail continues to work with external experts, the security authorities and regulators to mitigate the impact of this cyber incident, with a focus on restoring all services for export letters and parcels.
‘Our import operations continue to perform a full service with some minor delays. Domestic services remain unaffected.
Royal Mail added it was ‘working around the clock’ to fully resolve the situation.
Following the cyber attack, the postal service allegedly received a ransom note from LockBit, a hacker group widely thought to have close links to Russia, according to reports.
It’s not clear whether or not Royal Mail has paid any ransom, and the company declined to respond to requests for comment from Metro.co.uk.
However, Royal Mail has reported the incident to the UK’s government-run National Cyber Security Centre, the National Crime Agency and the Information Commissioner’s Office.
Jake Moore, Global Cyber Security Advisor at ESET, told Metro.co.uk: ’LockBit is a ransomware attack which couples extortion attacks. It automatically looks for potential suspects and then spreads the infection and encrypts all accessible computer systems on a network.
‘Once data has been stolen and encrypted, the extortion tactics occur in order to make more money even if a backup process is in place.’
Mr Moore added: ‘There are no existing Lockbit decryption tools,’
Attacks using LockBit originally began in September 2019, when it was dubbed the ‘.abcd virus’ in reference to the file extension name used when encrypting a victim’s files.
Organizations in the United States, China, India, Indonesia, Ukraine, France, the UK and Germany have been past victims of this type of attack.
MORE : A Russian hacking group may be behind the Royal Mail cyber attack
MORE : Royal Mail unable to send letters and parcels overseas after ‘cyber incident’