DP World enter US market with new box terminal at Corpus Christi
DP World looks set to finally break into the US market after entering into an ...
MATX: SMASHING RECORDSDHL: NEW HIGHSPLD: PAY UPCHRW: WAITING FOR THE NEXT EARNINGS BEATMAERSK: DEAL TIME FOR THE OWNERSDHL: ASSET POWERCAT: TIME TO SELLMAERSK: UPGRADEMAERSK: ANOTHER UPGRADE HITS THE WIRES
MATX: SMASHING RECORDSDHL: NEW HIGHSPLD: PAY UPCHRW: WAITING FOR THE NEXT EARNINGS BEATMAERSK: DEAL TIME FOR THE OWNERSDHL: ASSET POWERCAT: TIME TO SELLMAERSK: UPGRADEMAERSK: ANOTHER UPGRADE HITS THE WIRES
A ransomeware cyber-attack on a UK trucking company has again brought home the very real threat companies face in an increasingly digital world.
Welsh firm Owens Group was the victim of a cyber-attack this month, resulting in its internal data being published on Lockbit’s website on the ‘dark web’. Lockbit ransomware has been blamed for several cyber-attacks worldwide.
“If the data is posted, it usually means they didn’t pay the ransom,” said Andrew Martin, CEO of cyber risk management company Dynarisk. He estimated the demand would have been for £1m-£2m ($1.2m-$2.5m).
Owens’ data included finance information, such as budget, cash flow, balance sheets, tax returns, project calculations and bank statements, as well as client details including addresses, phone numbers, payment information and contracts, and employees’ personal information like passport scans and contracts.
Mr Martin told The Loadstar having private data made public could ‘open the flood gates’. He warned: “When data is released on the dark web hundreds of hackers will get a hold of it. They’ll use the information to potentially carry out additional attacks against the company, its customers and staff members.”
Other risks include loss of funds, business interruption, reputational damage and loss of customers, he added.
And there is potential for regulatory fines, penalties and legal disputes. Brandon Fried, executive director of the US Airforwarders’ Association, told The Loadstar paying a ransom may be illegal in the US and in the EU, as “it facilitates criminal activity and finances terrorism”.
This leaves affected companies between a rock and a hard place, so what can they do?
“It comes down to prevention,” said Mr Fried.
Mr Martin outlined five key prevention techniques: having anti-malware controls in place across the company; controlling privileged access accounts; putting back-ups offsite, or in a different area of the network, and testing that you can restore them; ensuring the company has a process to update software quickly when vulnerabilities are discovered; and implementing a cyber insurance policy.
Earlier this month, global port operator DP World was hit by a large-scale cyber-attack that caused a backlog of around 30,000 service disruptions.
This marked the second major cyber-attack on ports this year, following one on Nagoya in July.
Project44 said this highlighted the importance of “comprehensive cybersecurity education for staff, the utilisation and maintenance of effective cyber safety measures and the necessity of contingency plans for manual processing during disruptions.
Owens Group was contacted for comment, but did not respond.
This article is © The Loadstar. Reproduction, rewriting, or derivative use requires a license. Contact [email protected] for licensing enquiries.
For uninterrupted access, sign in or sign up to The Daily News, Premium or The Loadstar Enterprise Plan.
Comment on this article