UK markets closed
  • FTSE 100

    7,901.80
    +81.64 (+1.04%)
     
  • FTSE 250

    20,593.46
    -21.23 (-0.10%)
     
  • AIM

    889.79
    +1.03 (+0.12%)
     
  • GBP/EUR

    1.1163
    -0.0042 (-0.37%)
     
  • GBP/USD

    1.2056
    -0.0173 (-1.41%)
     
  • BTC-GBP

    19,430.74
    -78.57 (-0.40%)
     
  • CMC Crypto 200

    535.42
    -1.43 (-0.27%)
     
  • S&P 500

    4,136.48
    -43.28 (-1.04%)
     
  • DOW

    33,926.01
    -127.93 (-0.38%)
     
  • CRUDE OIL

    73.23
    -2.65 (-3.49%)
     
  • GOLD FUTURES

    1,877.70
    -53.10 (-2.75%)
     
  • NIKKEI 225

    27,509.46
    +107.41 (+0.39%)
     
  • HANG SENG

    21,660.47
    -297.89 (-1.36%)
     
  • DAX

    15,476.43
    -32.76 (-0.21%)
     
  • CAC 40

    7,233.94
    +67.67 (+0.94%)
     

Ransomware group with links in Russia behind UK Royal Mail incident -Telegraph

FILE PHOTO: A Royal Mail sign is pictured on a delivery van outside a Post Office, in St Albans

LONDON (Reuters) -A cyber incident that led to severe disruption to Royal Mail's international export services was caused by Lockbit, a ransomware group that some cybersecurity experts say has members in Russia, Britain's Telegraph newspaper reported.

Royal Mail, one of the world's largest post and parcel firms which serves thousands of businesses, was still unable to despatch items to overseas destinations as of Thursday, according to an update on its website following the incident, which it reported on Wednesday.

To prevent a build-up of export items in its network, the British postal company, which is part of part of International Distributions Services, has advised customers not to post international export items until further notice.

Royal Mail, which declined to comment on the Telegraph report, earlier said it had engaged external experts and notified security authorities as it investigates the incident.

Ransom software, or ransomware, works by encrypting victims' data, with hackers offering the victim a key in return for payments that can run as high as millions of dollars. The number of ransomware incidents has increased sharply in recent years.

Lockbit also claimed to have targeted a French cosmetics firm called Nuxe, according to a screenshot of the group's blog on the dark web posted to darkfeed.io, a website which tracks ransomware groups.

Lockbit ransomware has been detected all over the world, with organisations in the United States, India and Brazil among the common targets, cybersecurity firm Trend Micro said last year.

It called the group, which some cybersecurity experts say has members in Russia, "one of the most professional organised criminal gangs in the criminal underground".

Britain's Information Commissioner's Office said it would be making enquiries about the Royal Mail incident, while the National Cyber Security Centre said it was working with the company and the National Crime Agency to "fully understand the impact".

(Reporting by Sachin Ravikumar, additional reporting by James Pearson in London and Tassilo Hummel in Paris; Editing by Hugh Lawson, Alexander Smith and Alex Richardson)