Last update we had was when LockBit released a transcript of a chat alleged to be between LockBit and the RoyalMail ransomware negotiator.

Thanks to Domonic far tagging me, we can see an update has occurred on the LB site:

LockBit still demanding $40 million dollar ransom payment from Royal Mail with one last warning.#cybersecurity #infosec #lockbit @UK_Daniel_Card @SOSIntel @RoyalMail pic.twitter.com/6CovLFIDeQ

— Dominic Alvieri (@AlvieriD) February 22, 2023

Lockbit 3.0 and Royal Mail – Chats Published

Today (22/02/2023) LockBit have posted the following:

“Last chance to prevent leaks of royal information. We are ready to make a discount, remove the stolen information and provide a decryptor for 40 million dollars. There will be no more delays, after the timer expires all the data will be released.

ALL AVAILABLE DATA WILL BE PUBLISHED !”

Lockbit leak site

What occurs next we shall have to see, but I have a hunch, as I’ve said before that RM will NOT pay… we shall however have to see what develops. Ransomware events are not nice, they terrorize victims, they cause stress for people and largely my advice would be, avoid paying…. it is however a business decision and I’m not here to tell people what or what not to do. I will however say, you can break kill chains and you can invest in backup and recovery capabilities so to be in a position where payment is even considered, a lot of things have had to go wrong!