The Royal Mail attacked, and slow to recover
On January 10, printers in one of the Royal Mail’s Belfast sites began printing ransom notes supposedly from the LockBit Ransomware gang. The ransom read: ‘Your data are stolen and encrypted.’ The Royal Mail has been struggling with the aftereffects of the attack by unknown agents since January 10th, stalling international post being delivered and causing delays across the UK. This comes at a bad time for the UK population, as recent strike action related to pay changes and working conditions has already caused long delays with the postal service.
With the threat of cyber crime growing constantly, the time and resources allocated to prevention and security need to grow also. The fact that the delivery of even physical post can be stalled completely due to cyber crime shows the level of dependency on the internet the UK has become accustomed to. With higher dependency, a higher level of security is a must.
The Royal Mail is not the only large company to be targeted by a cyber attack. Just last month the Guardian reported an attack, although it was clear none of the personal data of subscribers was compromised. Although the attack did not cause serious damage to the newspaper, they have postponed their return to office for at least a month, so as to tackle the issue. Similarly, Microsoft was successfully hacked last year by a 16 year old boy, and just this week Teams and Outlook crashed unexpectedly in the UK. Whether this was an attack or just a system failure is currently unknown - it is common (albeit illegal) for companies to not publicly declare they have been hacked, out of a fear of damaging their company name.
As a private company the Royal Mail is required by law to keep the relevant authorities informed, but beyond that it has said very little. They have not even publicly accepted they were the victim of a Ransomware attack, despite this being common knowledge by now. It is unknown whether this attack has compromised customer data as well as company data. The amount of private data the Royal Mail holds on UK citizens is unsurprisingly enormous.
Cyber attacks in 2023
There are any number of ways for a cyber hacker, or black hat, to get into a system, and with so many devices now connected (while unprotected) to the internet, the options are constantly growing. Lights, blinds, or speakers that can be controlled through an app for example, can be accessed and used as an entry point for a malicious agent. The famous example in 2017 in the US of hackers breaching a casino through a fish tank in the lobby demonstrates the many avenues for attack open to cyber criminals. The Royal Mail has restarted its exporting of parcels from the backlog as it tries to recover from the attack. They are still not accepting new parcels, as the delays are already substantial.
The devastating impact of Ransomware
The 2017 NotPetya attack on Ukraine (believed to be orchestrated by Russian agents) caused billions of pounds worth of damage in its initial stages. Although staging itself as a Ransomware, there was no way for the variant to modify itself once the attack started, so it has since been classified as a Malware attack.
The damage to infrastructure, and the delays caused by the data that was unusable after the breach, caused it to be one of the most damaging attacks on record. Maersk was one of over 80 companies to be attacked, suffering an unknown amount of damage financially, with low estimates in the hundreds of millions.
The Royal Mail attack is thought to have come from LockBit, the Russian cyber criminal group. Unlike the NotPeyta attack, this is allegedly not a politically motivated attack, but rather just an attempt to extort money through Ransomware. The fact that it is a cornerstone of British infrastructure is anecdotal.
Emma Thomson of Romford, who runs a jewellery company, complained of hundreds of pounds of cost to her business as she is having to send products by other, more expensive, postal services. She is one of many who has been negatively impacted by the attack. And like many, Thomson criticises the lack of defences and the slow reaction from the Royal Mail.
Ciaran Martin, professor at the University of Oxford and former chief of the National Cyber Security Centre, argued the delays in getting operational are to be expected. A Ransomware attack is so destructive, causing ‘extensive damage to the network’, that it is impossible to resolve the situation quickly.
Will cyber crime get worse?
Almost certainly, yes. With technology advancing exponentially, and AI being used in everything from art to healthcare, the threat landscape is constantly expanding. Unsupervised machine learning, machine speed attacks and devastating zero day attacks (never before seen ways of attacking a system) are all being used more and more.
The Global Risks Perception Survey predicted that cyber attacks on critical national infrastructure (CNI) would be as damaging as the current energy and food supply crises. And as technology continues to grow, the potential threat grows with it. Without a serious look at cyber security and defence, companies like the Royal Mail will not stand a chance.