• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

LockBit and Royal Mail Ransomware Negotiation Leaked

You are here: Home / General Cyber Security News / LockBit and Royal Mail Ransomware Negotiation Leaked
February 15, 2023

The LockBit ransomware team has released a log of discussions involving its operators and a Royal Mail negotiator demonstrating the team demanded £65.7m ($79.85m) to safely return the firm’s stolen knowledge following a January cyber-attack.

Several hours following the incident, it was documented that the LockBit gang claimed accountability for the attack, which disrupted Royal Mail operations for numerous times.

Quick forward to yesterday, when the hacking group leaked the whole conversation between them and a Royal Mail negotiator, which according to ITPro, lasted practically 3 weeks.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“When LockBit moves to publish the negotiation dialogue, it commonly comes about right after the truth, when they have published off any probability of finding compensated, to provide as a deterrent to future victims,” spelled out Tim Mitchell, security researcher and LockBit thematic lead at Secureworks.

“The information being: if you will not spend, we can publish data files and share this information also. But this kind of a tactic can also go away the door open for further negotiations.”

Scenario in issue, the transcript of the negotiations exhibits the risk actor making an attempt to influence Royal Mail to pay back the ransom using numerous approaches. The to start with was to present that the decryptor for the stolen files worked—the second was to lower the ransom quantity to about £57.4m ($69.76m).

“There are nonetheless thoughts in excess of what, if any, knowledge LockBit has taken,” Mitchell told Infosecurity in an email. “It looks the negotiator from Royal Mail was striving to build this as effectively, participating in for time with a formulaic solution to answers that failed to reveal an intention to spend at any stage.”

Royal Mail did not pay back the ransom in the end, with the remaining deadline from the danger actor remaining February 09. Irrespective of this, at the time of producing, LockBit has not publicly introduced the allegedly stolen details.

“Presuming the logs are genuine, it truly is a fascinating established of insights into the process and personalities concerned in ransomware for those who’ve not found it in advance of,” explained Casey Ellis, founder and CTO at Bugcrowd.

“It’s uncomplicated to ignore that while cybercrime and ransomware operators present to most as shadowy, opaque entities out on the internet, they are composed of and run by persons, together with much much more acquainted capabilities like client support and accounts receivable.”

In accordance to Mike Parkin, senior specialized engineer at Vulcan Cyber, cybersecurity pros can lessen the risk from attacks like this but they have to have to cooperate with the worldwide law enforcement community to do so.

“The fact that these cyber-legal gangs work using business enterprise designs borrowed from the respectable company entire world reveals how subtle they have turn into,” Parkin informed Infosecurity in an email.

“The challenge for legislation enforcement is working with gangs sponsored at the Point out amount by nations that have no desire in cooperating with the rest of the planet.”

Over and above the Royal Mail attack, LockBit was also in the information previous month for apologizing to a children’s medical center and supplying it with a absolutely free decryption critical soon after a December 2022 attack.


Some areas of this article are sourced from:
www.infosecurity-magazine.com

Previous Post: «accelerating your it transformation Accelerating your IT transformation
Next Post: Google Launches Privacy Sandbox Beta on Android 13 Devices Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
  • Some GitHub users must take action after RSA SSH host key exposed
  • THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
  • Pension Protection Fund confirms employee data exposed in GoAnywhere breach
  • GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
  • Now UK Parliament Bans TikTok from its Network and Devices
  • IRS Phishing Emails Used to Distribute Emotet
  • Researchers Uncover Chinese Nation State Hackers’ Deceptive Attack Strategies
  • Fifth of Execs Admit Security Flaws Cost Them New Biz
  • Online Safety Bill: Why is Ofcom being thrown under the bus?

Copyright © TheCyberSecurity.News, All Rights Reserved.