
I'm calling it. This is North Korea using Russian hackers trained in Iran and funded by China.
Royal Mail confirmed a "cyber incident" has disrupted its ability to send letters and packages abroad, and also caused some delays on post coming into the UK. The postal service, and the UK's National Cyber Security Centre and National Crime Agency, issued similar statements about the IT SNAFU on Wednesday, with Royal Mail …
Is the conspicuous use of the weasel word 'incident' another way of saying "This is Horizon all over again, except this time we've screwed ourselves (and your mail) with our incompetence, not our staff."? Let's just say I wouldn't put it past them.
One thing we can be certain of, it's hardly a rousing display of IT competence to turn around and tell the world and his dog that you don't know whether you've just been hacked or whether your stuff is just broken.
I'd like to be in a position to give them the benefit of the doubt, but wilfully pursuing criminal prosecutions against their staff when they knew it was their shitty software at fault has rather exhausted any sympathy I might ever have had for them.
They have to report the incident to the ICO regardless of what the understanding is due to the time constraints or notification. It is very easy to be critical from the outside of one of these incidents.
Yes it may be a systems failure but that is usually apparent pretty early on so the likelihood is that there has been some sort of ransomware or similar event.
I agree with you on the Horizon debacle but that is not just down to Royal Mail, Fujitsu are just as culpable, if not more but appear to have escaped without much impact.
I don't see the usual suspects, such as 'our customers data / privacy / money / well-being is our top-most priority', I'm kinda disappointed. But at this stage I imagine they found 'something' in their systems and they're trying to figure out HOW LONG HAS IT BEEN THERE (probably since the latest cost-optimisation process ;)
I'd say "Incident" implies that while they don't know for sure (i.e. have no evidence) that it was an outside hack or ransomware, they have at least reasonable grounds for suspicion it was. They would likely say "fault" if it was a system failure caused by other means.
I agree it's not ideal they said this, but they had to say something as people will notice their mail isn't getting to other countries, and I don't think (in this situation at least) there is any statement they could give that doesn't make them look bad. And they do, after all, if a hacker or ransomware can get through their defences, they need to sort out those defences.
Royal Mail was stolen from the taxpayer bought in to private hands, and is a company that must turn a profit. Employing actual people directly to do the IT is a huge waste of money, and of course this then means that the most financially savvy approach would be to outsource the IT to some company that promises the Earth for £10 a month.
Of course, IT issues never happen, especially when it comes to the risk analysis by the accountants. So when it does go all Pete Tong, the accountants are crying because of lost revenue, the managers are crying because nothing is working so their bonuses are in real danger of looking dodgy when they're given to them at the end of the year regardless of the fuck ups in the past 12 months, and the one guy in PR is just given the one job of damage limitation - so they just revert to type and go "Hackerz innit".
Before they go on to mutter "the security and protection of our customer's information is of paramount importance to us".
Yes I see the mask (troll?) icon, but feel a need to stick my oar in...
"...expect it to turn a profit even if it were still in the hands of the taxpayer..."
Sorry, but NO.
If it is in the hands of the taxpayer it should NOT show a profit - and nor should it show a loss.
It should be given just enough of my money to allow it to operate, no more and no less.
Public services (of which the national postal system is surely one) shouldn't be about turning a profit. The problem here, is that as a nationalised entity, the financial impetus was to charge enough to cover the costs. As a privatised entity, the impetus is to charge as much as they can get away with (and cut costs) to make as much profit as feasibly possible.
It's no coincidence that the price of a stamp has gone up, since privatisation, way over the rate of inflation, and that the staff are now striking over pay and conditions, largely because their pay has NOT gone up with inflation, and because the management are trying to change working conditions to force people to work more evenings and weekends, use their own vehicles, and act more like zero-hours agency staff with fewer employee rights. If my employer did this to me, I'd be on strike (if I was a member of a union, that is). Meanwhile, whilst those in charge are bemoaning the fact that they "aren't turning a profit," hundreds of millions of pounds are paid out in dividends to shareholders.
Privatisation is always about private equity getting richer at the expense of everybody else, with the possible exception of the politicians who are responsible for the privatisation, who I'm "sure" are not getting any backhanders.
The Belfast Telegraph isn't necessarily the most reliable of news sources, but they do claim to have some info that it's a ransomware attack:
(paywalled, but you can read the 1st paragraph)
To be fair, the Belfast Telegraph probably got the scoop here, because apparently the printers in NI sorting offices started printing out ransom notes!
This does imply that those who deployed the ransomware either gave it the ability to generically print to any printer they could find, or that they knew something about the infrastructure they were targeting, and thought this would be "cute".
Since we re-opened (mail order biz) 3rd Jan onwards noticed there was a hyper aggressive firewall in play with all of royalmail.com. Also international stuff sent on Monday (direct collection) would take till Friday to appear at Heathrow with the result customers not believing we've sent it as tracking showing awaiting from customer. Result we cancelled collections as needed to get a scan in that items were collected.
When firewall was triggered you'd get a white page saying "Access Denied You don't have permission to access <url> on this server. Reference <long hex number>."
Change IP and immediately site is available again until you hit two tracks in quick succession or hit reload too much.
To get it to trigger just track a package once it displays track info then hit refresh one or two times
This started happening this year as is the huge delay in international items processing. I reckon yesterday's announcement was just to get people to stop adding to the pile.
Anyway we'll stop adding to the pile for sure.. now trying to figure out alternatives else we'll be out of business. oh and unlikely to be returning to RM from this point on. In December couldn't get anything moving even with other couriers because of backlogs everywhere.
"Anyway we'll stop adding to the pile for sure.. now trying to figure out alternatives else we'll be out of business. oh and unlikely to be returning to RM from this point on. In December couldn't get anything moving even with other couriers because of backlogs everywhere."
You tried Evri?
Evri and DPD were the ones tried through Shopify's own booking deal - DPD - taken to a shop - never collected for 4 days (one of the 2 day strike days RM had) went back to shop to find that it was still there so took it off them and sent it again by RM. Hermes - a few packages were left in an InPost locker took 7 working days to be collected from the locker ?? complained to both InPost and Hermes and just got evasive responses as usual.
I suspect they have been having problems for way longer than just yesterday with International deliveries, I have 2 tracked international parcels posted mid December going from Liverpool going to the USA which have still not left the Heathrow distribution centre. Previously parcels sent on the same service to the USA were delivered within 7-10 days after posting. I suspect I'll have to refund the buyers of the items since they are probably not going to leave the UK any time soon now a month since I posted them out and they haven't even left the UK!
Sent to US 23 Dec batch got first intake scan at Heathrow Langley depot on 30 Dec but then moved on with some arr US on 3 Jan (NY mostly as they are fast) anything touching Chicago is always another 4-5 days so that stuff took till 12 Jan. Having said that there's a few that also went through Chicago that delivered on the 4 Jan so variable it seems. ISC NY is generally more reliable RM even knows it as sometimes they divert entry point to that to get batches for central US cleared sooner.
"I have 2 tracked international parcels posted mid December going from Liverpool going to the USA which have still not left the Heathrow distribution centre"
I can beat that - I've got a parcel going from Newcastle to USA, posted over the counter on 8th December, and according to tracking it still hasn't left the local post office.
"The postal company did not immediately respond to The Register's inquiries, which included queries about the expected duration of the disruption."
I would so hate to be the press office at any company getting that query. Completely pointless annoying question when they aren't sure on all the facts themselves. What are you expecting them to say, "3 days mate"?
> Completely pointless annoying question when they aren't sure on all the facts themselves. What are you expecting them to say, "3 days mate"?
It's a useful question because the level of bullshit will give you a clue to the level of idiot you are dealing with. If they tell "3 days mate" then you know you are screwed and you might as well pack up and go home. If the answer is along the lines of "it'll be ready when it's ready", then you know you aren't dealing with a complete idiot. Even stupid questions can have value.
Having used their bulk sending system quite a bit when I was helping to run a magazine, that was a big clunky, over-complicated system that judging by its design and behaviour could not have been implemented later than 2005. If everything else is built like that under the bonnet, I would not be in the least surprised to find it only took the smallest nudge to knock it over and/or it had some clanging vulnerabilities that nobody had bothered to look for.
… that we live in a country where someone cares about delivering parcels. I’ve worked in countries where probability of delivery is not even equal to the flip of a coin. Stuff just never arrives, ever. In South Africa at least there is a commercial enterprise that mirrors the state run service with a much higher success rate.
"with a much higher success rate." Well comparing anything to the S.A. Postal Service, you are going to get a much higher success rate. The S.A. Post is a complete waste of time, anything I have ever posted there, or indeed posted when I am there has never, ever, arrived; without fail.
Ironically the SA postal service should be called "TakeALot" Because that's what they do. They take everything.
It's almost a charity, "Oooh I feel charitable this year so I will send toys to an orphanage" which is basically saying I will give the nice people who work at the post office some old toys.
Even innocent letters get opened just in case there is bank account information, or heaven forbid, actual money in them.
If the SA postal Service got hit by a cyber attack, nobody would notice.
#rantover
The BBC are confirming the Russian ransomware theory
Why? Were we POSTING weapons to Ukraine?
"The BBC are confirming the Russian ransomware theory"
There is a famous saying in our newsroom: "Is it true or did you hear it on the BBC?"
Shame really: The BBC was the world's premier broadcaster until the late '90s. It's now a "woke" shambles of lefty disinformation.
Although ParcelFarce are claiming this is Royal Mail only. I sent a parcel to Hong Kong that didn't make it past "Collected" from the local post office before being returned to me with no reason. ParcelFarce confirmed that it never left the country. The recipient is now back in the UK anyway, however a parcel they sent themselves from Hong Kong to the UK, made its way to the UK but then ParcelFarce appear to lack eyes to read the address and deliver it. Instead, with no warning (bearing in mind the recipient was also the sender), shipped it back to Hong Kong.
Apparently this is not a sign of a cyber incident though. It's just ParcelFarce usual level of service. I think a message in a bottle dropped in the sea would be quicker and more reliable.
When I asked if they were impacted by the incident they said they absolutely weren't. When I asked if my personal data was breached, I was asked to tell them what personal data was breached. They don't have a clue. No wonder we find that they were an easy target.
Pathetic security from the Royal Mail. Pathetic lack of coverage and updates from El Reg. So many businesses depend upon this. It is a lot more important than half the stuff you are covering. Switching to couriers is particularly expensive for smaller businesses. Where are the updates? Where is the 'Plan B'? If your tech goes down you should still be able to function. Those responsible for dealing with this should be fired.