Ransomware attacks have risen sharply since Russia’s 2022 invasion of Ukraine

Britain’s postal and delivery service Royal Mail faced severe disruption to its international export services when they were targeted by a “cyber incident” on 11 January.

Royal Mail said that a full investigation has been launched and that customers should hold fire on any items they wish to send internationally while it resolves the matter. Import services remain functional with some delays. 

Royal Mail insures parcels for up to £2,500 in the UK and £250 for overseas.

A Twitter post from Royal Mail said: “We’re experiencing disruption to our international export services and are temporarily unable to despatch items to overseas destinations.

“We strongly advise customers to hold any export items while we work to resolve the issue. Sorry for any disruption this may cause.”

Understanding full impact

Royal Mail is now working with experts in cyber crime to figure out what happened. 

A National Cyber Security Centre spokesperson said“We are aware of an incident affecting Royal Mail Group Ltd and are working with the company, alongside the National Crime Agency, to fully understand the impact.”

Royal Mail was privatised in 2015 by the coalition government and the Post Office and Royal Mail were separated. 

Royal Mail which is part of the International Distribution Services has also reported the incident to its regulator, Ofcom and security authorities.

Latest ransomware victim?

Kevin Ryan, BI senior industry analyst (Insurance) at Bloomberg Intelligence, said the cyber attack on the Royal Mail could represent the latest high-profile incident amidst a sharp rise in ransomware attacks.

“Though it’s unclear whether this is the issue at the post office, there’s been a dramatic rise in ransomware incidents since the Ukraine war began and a corresponding decline in data breaches,” he said.

“Bad actors seem increasingly likely to use ransomware as a weapon. The rise in ransomware attacks may be unrelated to the Russian invasion of Ukraine but the rise in number of incidents is striking.

“The Royal Mail incident illustrates what we see as a burgeoning new business opportunity for insurers such as Axa, Axis and Beazley, which have focused on this niche market.”

download (2)

State-sponsored threat

Defence and security company Leonardo estimated that cybercrime reached $6 trillion globally in 2021, and ransomware attacks have risen sharply since Russia’s 2022 invasion of Ukraine.

KP Snacks’ February 2022 cyberattack also demonstrated the threat to which companies are exposed. About $6 trillion was lost globally to cybercrime in 2021, a significant increase vs the $600 billion McAfee estimated in 2018.

While data for 2022 is still being collated, there seems to be a consensus that attack numbers and costs are escalating. Data sharing and interconnectivity rank high as attractive targets for criminals.

Widespread adoption of the cloud to store and process data heightens the operational challenges, with supply-chain vulnerabilities exploited for the first time in 2020.

There were 623 million ransomware attacks globally in 2021 according to Sonic wall, representing a 105% year on year increase. The UK saw a 228% surge and a 65% increase in never-seen-before malware.

Hard market remains

Cyber threats and infiltration techniques are moving to more sustained levels, known as advanced persistent threats, away from quick, one-off acts.

In these cases, criminals gain unauthorised access to computer networks and remain undetected. Mandiant reports that 25% of breaches clients had more than one threat group, which sometimes worked in concert.

Demand for cyber insurance has increased as organisations seek to transfer some of the risks they are facing, however capacity remains relatively scarce and premiums continue to harden.