Tag Archive for: Russialinked

Royal Mail hit by Russia-linked ransomware attack

/in


Royal Mail sorting office

Royal Mail sorting office

Severe disruption to Royal Mail’s overseas deliveries has been caused by ransomware linked to Russian criminals, the BBC has been told.

The cyber-attack has affected the computer systems Royal Mail uses to despatch deliveries abroad.

Royal Mail has been warning customers since Wednesday of disruption due to a “cyber-incident”.

Its latest advice is for people not to try to send international letters and parcels until the issue is resolved.

Ransomware is malicious computer software that encrypts data and locks up systems.

The ransomware used in the attack is “Lockbit”, according to a source close to the investigation.

Computer security firms say the software has been developed and used by criminal gangs with links to Russia.

BBC cyber reporter Joe Tidy has seen a ransom note sent by the criminals to Royal Mail which reads: “Your data are stolen and encrypted’.

The ransom demand is expected to be in the millions, although sources close to the investigation say there are “workarounds” to get the system going again.

Ransomware attacks are a persistent threat to organisations around the world over with attacks happening on a nearly daily basis.

But this situation is highly significant, as Royal Mail is what is deemed “critical national infrastructure” – that is, it is critical to the UK economy.

The attack is not just affecting one company and its customers, but the communications and businesses of citizens at home and abroad.

Ransomware crews typically ramp up pressure on firms to transfer funds in a cryptocurrency such as Bitcoin to an anonymous digital wallet.

They will have a deadline and are likely to be threatening Royal Mail with the prospect of having potentially sensitive data published.

LockBit is thought to have strong Russian roots but the hacker that carried out the attack could be anywhere.

Last November a Canadian/Russian man was arrested for allegedly carrying out LockBit hacks from Canada.

A Royal Mail spokesman declined to comment on whether the attack was ransomware, but repeated warnings to customers that there is no end in sight to delivery disruption.

The firm is still unable to send letters and parcels overseas and says it is “working hard”…

Source…

Russia-linked hackers accused of targeting COVID-19 vaccine developers

/in
Image of vials and syringes on a tray.

Enlarge / Test doses of another potential SARS-CoV-2 vaccine. (credit: MLADEN ANTONOV / Getty Images)

Hackers backed by the Russian state are targeting pharmaceutical companies and academic institutions in the UK, US, and Canada that are working on potential COVID-19 vaccines, British intelligence officials have warned.

The UK’s National Cyber Security Centre, working with Canada’s Communications Security Establishment, attributed the attacks to hacking group APT29, also known as “Cozy Bear,” which it alleged was “almost certainly” working for Russian intelligence services. The findings have been endorsed by the US National Security Agency.

Dominic Raab, UK foreign secretary, said it is “completely unacceptable that the Russian intelligence services are targeting those working to combat the coronavirus pandemic.”

Read 12 remaining paragraphs | Comments

Biz & IT – Ars Technica