The LockBit ransomware group has released logs of conversations between operators and Royal Mail negotiators. Cyber attacks in January.
Hours after the incident, the LockBit Gang was reported to have: claimed liability In response to attacks that disrupted Royal Mail’s operations a few days.
Fast forward to yesterday when a hacking group leaked the entire conversation between them and a Royal Mail negotiator. IT prolasted almost three weeks.
“When LockBit moves to make negotiation conversations public, it usually comes after the fact that it has wiped out any chance of getting paid in order to act as a deterrent to future victims.” secure works.
“The message is that if you don’t pay, you can make the files public and share this data as well. But such tactics can also leave the door open for further negotiations.”
Case in point, transcripts of the negotiations show the attackers using a variety of techniques to convince Royal Mail to pay the ransom. The first was to demonstrate that the stolen file decryption tool worked. The second was to reduce the ransom amount to approximately £57.4 million ($69.76 million).
“There are still questions about the data, if any, obtained by LockBit,” Mitchell said. Information security on mail. “Royal Mail’s negotiators appear to have been trying to establish this as well, playing for some time with a boilerplate approach to responses that do not indicate willingness to pay at any point.”
Royal Mail ultimately did not pay the ransom. The deadline from the attacker was February 2009 for him. Nonetheless, at the time of writing, LockBit has not released the allegedly stolen data.
“Assuming the logs are genuine, for someone who has never seen ransomware before, it is an interesting set of insights into the processes and personalities involved in ransomware,” he said. bug cloud.
“Cybercriminal and ransomware operators exist as a brooding and opaque presence on the internet for most people, but they are made up of people and include much more familiar functions like customer support and accounts receivable. It’s easy to forget that it’s run.”
According to Mike Parkin, senior technical engineer at vulcan cybercybersecurity professionals can mitigate the risks posed by such attacks, but to do so they must work with international law enforcement agencies.
“The fact that these cybercrime groups operate using business models borrowed from the legitimate business world shows how sophisticated they are,” Parkin said. Information security on mail.
“The challenge for law enforcement is to deal with gangs that are sponsored at the state level and have no interest in working with the rest of the world.”
Besides the Royal Mail attack, LockBit also made headlines last month. Apology to Children’s Hospital Offers free decryption keys after December 2022 attacks.
