In response to the breaking news on the reported ‘cyber-incident’ at Royal Mail, which has significantly affected key systems used to run its international delivery services,
“‘Crippled’ Royal Mail international services could be because of threat actors”
“Royal Mail has announced severe disruption to its international export services due to a ‘cyber incident’, resulting in the postal service requesting its customers to refrain from using its services.
“Royal Mail cyber teams will have pre-defined and pre-rehearsed playbooks for this type of event. It is reported that they are already engaged with an external Incident Response team. These Incident Response teams will now be gathering as much information on the assailants, such as who are they, how did they get in, what systems and tools are compromised, if and what has been exfiltrated, if and what are their demands and how to remove the threat with limited business interruption.
“Threat actors have varying motivations to attack an organisation. Whether it be to harvest and sell customer information, staff credentials or session cookies on the dark web or other credential bidding sites. Or they could apply a ransom for encrypted data, which in the case of the ransomware attack on the retailer, FatFace, attackers located the victim’s cyber insurance documents during the breach to use as a bargaining technique with the hackers reported to receive £1.45m ransom payment.”
Comment from David Trump, Cyber Security Solutions Director at BOM IT Solutions. David has over 15 years experience working in the IT and digital infrastructure strategies space. Before taking up his current role at BOM IT Solutions, he worked at BT Global Services.