FedEx caught up in ransomware cyberattack

News broke on Friday, 12 May that FedEx was among the companies and organisations targeted by a global so-called ‘ransomware’ attack affecting Microsoft Windows operating systems. Screens become locked and a message is displayed demanding the payment of $300 to regain access to the data.

According to cybersecurity experts such as Kaspersky, Russian companies have been hit the hardest although the most prominent target seems to have been the UK’s National Health Service where many operations and procedures were cancelled. Some of Spain’s telecom companies were also affected.

Despite FedEx’s admission, it is unclear as yet the impact on the express and logistics industry as a whole. FedEx issued a short statement to media: “Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware.  We are implementing remediation steps as quickly as possible.  We regret any inconvenience to our customers.” However further information from other companies affected is proving difficult to come by.

Although the origin of the attack is still hazy, some analyst have linked it to a group of Russian cybercriminals, utilising a vulnerability that was identified by the US’ National Security Agency and subsequently leaked.

Microsoft had apparently issued ‘patches’ to fix the problem in March, but many users had not installed them. The incident has revealed that even the most advanced logistics and supply chain companies are at risk from basic attacks such as this one. Whereas millions are spent on ensuring the security of sophisticated supply chain management and execution systems it seems that criminals have simply been able to exploit a security breach through the ‘back door’.

Source: Transport Intelligence, May 15, 2017

Author: John Manners-Bell