Fraud Management & Cybercrime , Geo Focus: The United Kingdom , Geo-Specific

UK Orgs Tout Government Help in Ransomware Incidents

Former Royal Mail and Manchester University CISOs Talk Ransomware Response
UK Orgs Tout Government Help in Ransomware Incidents

Timely notification of ransomware incidents to British law enforcement agencies played a crucial role in understanding the threats and in developing mitigation strategies, the former security heads of Royal Mail and the University of Manchester said.

See Also: Demostración Del Producto: Backup Y Recuperación De VM

The LockBit ransomware group in January 2023 targeted Royal Mail, disrupting international shipping for several weeks. Hackers in June 2023 stole 7 terabytes of data, including confidential personal information from students and staff from the University of Manchester.

Speaking at Information Security Media Group's London Summit on Tuesday, Jon Staniforth, CISO of Royal Mail, and Heather Lowrie, former University of Manchester CISO, said government cyber agencies helped them handle their cyber incidents.

Staniforth said Royal Mail reported the incident to the National Cyber Security Center and National Crime Agency within hours of detecting the breach. "The agencies shared a lot of information of with us, and then at certain points, some of their own staff came in and worked alongside after," he said.

Based on a recommendation from the agencies, Royal Mail negotiated with the threat actors for nearly three weeks, which he said helped the organization to "buy time so we could understand what was going on."

Lowrie said the external help was a "moral boost" for her organization. "When you're working through an incident, to have those external partnerships and support as we discuss reporting to NCSC and NCA and others is really valuable."

A survey published by the Department of Science, Innovation and Technology in April found widespread reluctance to report incidents, often due to fear of fines or reputational damage (see: Half of UK Firms, Charities Failed to Report Cyber Incidents).


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.