![]() Royal Mail is working with external experts to investigate the incident, and it reported the incident to regulatory and security authorities, according to the company’s January 19 statement. “ Given the service has not resumed a week after the cyber incident, it’s likely Royal Mail does not have an adequate backup system in place and so will be fined for not being able to reinstate and deliver this critical service,” he says. Wood contends that the delay in resuming international service could play a role in potential regulatory action. “If both of those hold true, then it shows that the organization, in this case, Royal Mail, followed the rules and regulations as best as possible. ![]() “The important factors in any sort of regulator consequences are based on whether all the right steps were taken to the best of an organization's ability and knowledge (in conforming with the requirements) and whether the incident was disclosed in a timely manner,” says Sanjay Raja, vice president of product marketing and solutions at cybersecurity company Gurucul. Whether or not Royal Mail will face any type of regulatory consequences will depend on a number of issues. They will continue trying to send parcels, with package mountains building up at local depots and a huge backlog (and likely claims) to contend with once the service resumes,” says Wood. “The sheer scale of Royal Mail’s international delivery service means it’s incredibly likely that customers from around the world may not receive the right communications about the stop-in service. While the mail carrier trials operational workarounds and recovers from the incident, it will likely have to contend with a mounting backlog. “The disruptions caused by this incident are indicative that international, physical supply chains can most certainly be disrupted by cyberattacks, which can be costly, time consuming and have a direct impact on business operations beyond the directly targeted organization,” says Alexander Heid, chief research and development officer with cybersecurity risk management company SecurityScorecard. Though a small fraction of its overall parcel volume for the year, the consequences of the breach are likely wide-reaching. The mail carrier delivered 152 million international parcels in the year ending March 2022, according to its 2021-2022 annual report. This could be anything from entering the supply chain through a network/API or even paying a disgruntled employee,” says Jonathan Wood, founder and CEO of risk management platform C2 Cyber. While we don’t know yet if this is the case for Royal Mail, we know the hacking group’s attack on Accenture in 2021 was thought to have been enabled by an insider. ![]() ![]() “LockBit often targets insiders as a way of hacking systems. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |