Royal Mail budgets £10 million to improve system resilience

A direct result of January cyberattack

Royal Mail budgets £10 million to improve system resilience

Royal Mail's parent, IDS, has revealed the infrastructure costs associated with its January ransomware attack for the first time.

Royal Mail has announced that it will spend £10 million on improving system resilience, following the massive ransomware attack that affected it earlier this year.

Improvements to the corporation's Heathrow Worldwide Distribution Centre, which was the target of the attack, will cost £10 million, according to a new regulatory filing.

LockBit's attack on Royal Mail raised costs across various sectors of the business. The attack primarily impacted the international shipping business, which took much longer to resume regular service than domestic operations.

Owner International Distributions Services' (IDS) most recent regulatory filing showed that the company's international parcel volume was down 5% year-on-year and revenue fell 6.5% (£22 million) over the same period, in part due to the cyberattack.

Steve Cobb, CISO of SecurityScorecard, said: "The 10 million pounds listed in their filing is described as being used for the cost of ‘remediation and systems resilience improvement'. Remediation could include activities like system recovery and rebuild."

"After ransomware events, orgs are usually looking to improve their Identity Access Management programs, which could include implementing or strengthening MFA, SSO, and Active Directory hardening."

The drop in international parcel revenue, however, is only a small portion of the group's total half-yearly losses, which stand at £319 million.

IDS has attributed a large proportion of the losses to the April agreement with the Communication Workers Union (CWU), to raise staff pay by 10% over three years.

IDS remains "concerned" about Royal Mail's financial performance. However, it also acknowledged the company faced highly challenging trading conditions throughout the year.

Compared to previous preliminary results from March this year, two months after the ransomware attack, international revenues have improved despite being down overall.

At the time IDS reported that revenues were down 12.2%, with a 7% drop in parcel volumes and lower consumer spending due to the cost of living crisis.