News / Guard against cyber-attacks warning, as UK haulier data appears on 'dark web'

A ransomeware cyber-attack on a UK trucking company has again brought home the very real threat companies face in an increasingly digital world.  

Welsh firm Owens Group was the victim of a cyber-attack this month, resulting in its internal data being published on Lockbit’s website on the ‘dark web’. Lockbit ransomware has been blamed for several cyber-attacks worldwide. 

“If the data is posted, it usually means they didn’t pay the ransom,” said Andrew Martin, CEO of cyber risk management company Dynarisk. He estimated the demand would have been for £1m-£2m ($1.2m-$2.5m). 

Owens’ data included finance information, such as budget, cash flow, balance sheets, tax returns, project calculations and bank statements, as well as client details including addresses, phone numbers, payment information and contracts, and employees’ personal information like passport scans and contracts. 

Mr Martin told The Loadstar having private data made public could ‘open the flood gates’. He warned: “When data is released on the dark web hundreds of hackers will get a hold of it. They’ll use the information to potentially carry out additional attacks against the company, its customers and staff members.”   

Other risks include loss of funds, business interruption, reputational damage and loss of customers, he added.

And there is potential for regulatory fines, penalties and legal disputes. Brandon Fried, executive director of the US Airforwarders’ Association, told The Loadstar paying a ransom may be illegal in the US and in the EU, as “it facilitates criminal activity and finances terrorism”. 

This leaves affected companies between a rock and a hard place, so what can they do?  

“It comes down to prevention,” said Mr Fried.  

Mr Martin outlined five key prevention techniques: having anti-malware controls in place across the company; controlling privileged access accounts; putting back-ups offsite, or in a different area of the network, and testing that you can restore them; ensuring the company has a process to update software quickly when vulnerabilities are discovered; and implementing a cyber insurance policy.  

Earlier this month, global port operator DP World was hit by a large-scale cyber-attack that caused a backlog of around 30,000 service disruptions. 

This marked the second major cyber-attack on ports this year, following one on Nagoya in July.  

Project44 said this highlighted the importance of “comprehensive cybersecurity education for staff, the utilisation and maintenance of effective cyber safety measures and the necessity of contingency plans for manual processing during disruptions. 

Owens Group was contacted for comment, but did not respond.