News / DSV targeted by new logistics-focused hacking group

DHL: NEW CFO APPOINTMENTFDX: TRADING UPDATE ON THE WAY TSLA: ON THE MENDGM: TECH STARTUP LISTINGDSV: NEW HIGH TARGET CHRW: BOLT-ON DEAL TIMEDHL: GO GREENDSV: BULLISH DSV: NOTE TO INVESTORSKO: TAX FIGHTDSV: STILL 'OVERWEIGHT'WTC: HAMMEREDWTC: MOUNTING TROUBLEWTC: ANOTHER DIFFICULT WEEK

DHL: NEW CFO APPOINTMENTFDX: TRADING UPDATE ON THE WAY TSLA: ON THE MENDGM: TECH STARTUP LISTINGDSV: NEW HIGH TARGET CHRW: BOLT-ON DEAL TIMEDHL: GO GREENDSV: BULLISH DSV: NOTE TO INVESTORSKO: TAX FIGHTDSV: STILL 'OVERWEIGHT'WTC: HAMMEREDWTC: MOUNTING TROUBLEWTC: ANOTHER DIFFICULT WEEK

Cyber attack. Digital background green matrix. Binary computer code. Computer screen error templates. 3d rendering
By

A new hacking group is targeting logistics companies, with several already named as victims. 

The Coinbase Cartel focuses solely on data exfiltration, according to cyber companies.  

“Their operations are business-like, leveraging staged data leaks, professional negotiations, and partnerships to maximise extortion success,” noted iZooLogic. 

Cyber attack prevention company Dynarisk said DSV was among the latest to be named. 

We conducted a historical review and confirmed that our system captured a screenshot of the original post on the Coinbase Cartel website, which mentioned DSV as a ransomware victim. However, at this moment, DSV’s name no longer appears on the ransomware group’s site,” said representative Mil Rajic. 

Photo: Dynarisk

“That usually means negotiations are still ongoing, and the short post might have just been a way to pressure the company to continue buyout talks or make the payment.

“Ransomware groups often do this – they publish something briefly and then take it down, mainly to put pressure on their victims.” 

He added that it was too early to know much, but explained: “There are certain indicators suggesting that DSV is using Red Hat in its Single Sign-On (SSO) system — an authentication scheme that allows a user to log in with a single ID to multiple related, yet independent, software systems.” 

DSV told The Loadstar: “I can neither confirm nor deny a cyber-attack. But I can confirm that our name has been mentioned on an external site along with a number of other companies, and we are dealing with this matter with the utmost seriousness.  

“I would like to emphasise, that our systems and operations have not been affected,” said a DSV spokesperson. 

Other companies named by the group over the past month include Ceva Logistics, Kuehne + Nagel, Schedler-translog and PLC-Transportation.

Kuehne + Nagel said it was aware of recent online mentions suggesting a potential ransomware incident involving the company. It added: “Our cyber defence team has investigated the matter and, to date, found no evidence of a successful attack or data compromise. We continue to monitor and assess such reports as part of our ongoing cybersecurity operations. Safeguarding the integrity of our systems and the privacy of our stakeholders is a top priority.”

Ceva has also been contacted for comment. 

You can find more details on Loadstar Premium here

Comment on this article

You must be logged in to post a comment.

    Related Stories

    Topics

    Ceva Logistics cyber attack DSV DynaRisk Kuehne + Nagel