It has happened. Again. Another ransomware attack has hit companies today. The brunt of the attack was aimed at the Ukraine, but companies worldwide were affected.
Parcels and trains held to ransom
In May it was FedEx (amongst others) that was affected by the ransomware virus WannaCry. Another logistics company that was affected, or infected, was German railway and freight company Deutsche Bahn. Up to 200.000 computers at thousands of companies were hit.
Parcels and ships held to ransom
Today’s attack was done with what seems to be a new virus according to internet security company Kaspersky in a blogpost earlier today. Again large logistics companies were affected. In the Netherlands parcel carrier TNT fell victim. The brand new APM Terminal in the Port of Rotterdam had to shut down because of the virus. Also, computers of APM Terminal’s parent company Maersk were affected worldwide.
All your files are belong to us
In a ransomware attack the infected computer is taken over and locked. A screen appears demanding a sum of money to be paid in Bitcoins in exchange for all the files of the computer. Hence the term ransomware, In this case the amount is around EUR 250 per infected computer. Obviously the advice is to never pay any ransom amount, as you have no guarantee you will get your files back even if you pay. Below is a picture of what seems to be a Maersk or APM Terminals PC that has been seized:
#Nieuws: Rotterdamse containerterminal ligt plat door hack. O.a. 's werelds grootste rederij Maersk Line getroffen door grote cyberaanval. pic.twitter.com/liW1Tumrju
— Paul Henriquez ???????? (@OpiniePaultje) June 27, 2017
Translation: #News: Rotterdam container terminal off line due to a hack. Among companies affected by the attack is the world’s largest shipping company Maersk.
3 things logistics companies can do
Here are 3 things logistics companies can do to minimize the chance that they are affected by a ransomware attack.
- Make sure all operating systems are up to date and all the latest updates and patches have been installed. This is even more important than having anti virus software up to date
- Make sure all employees are aware of the dangers of clicking unknown URL’s or e-mail attachments. The danger is not limited to e-mail. Social media is another way a malicious URL could be spread.
- Make regular back-ups. If a computer gets infected, only a limited amount of data is lost when everything is erased and re-installed. The most important files will still be available then
If you want to read more on what you can do against ransomware I suggest reading this blogpost from Kaspersky, or this update from McAfee. A more technical explanation of today’s attack by McAfee can be found here.
The message that you hope not to see on your computer screen:
(image courtesy of Kaspersky)
