Seattle, Washington-based logistics giant Expeditors International on Sunday announced the disruption of its global systems as a result of a cyberattack.
The Fortune 500 company said it had shut down most of its operating systems, and in an update shared on Monday informed customers that its operations had still been impacted.
“While our systems are shut down we will have limited ability to conduct operations, including but not limited to arranging for shipments of freight or managing customs and distribution activities for our customers’ shipments,” the company stated.
The company described it as a “targeted cyberattack,” but shared no other details. Based on its brief description of the incident, it may have been a ransomware attack.
A majority of sophisticated ransomware attacks involve not only the encryption of files on compromised systems, but also the theft of sensitive data, which the cybercriminals threaten to publish on dedicated leak websites if the victim refuses to pay a ransom.
SecurityWeek has checked the leak websites of several major ransomware groups and has not seen any mention of Expeditors, but they don’t immediately add the name of a victim to these sites — victims are given time to pay up or try to negotiate.
“We are incurring expenses relating to the cyber-attack to investigate and remediate this matter and expect to continue to incur expenses of this nature in the future,” Expeditors said. “Depending on the length of the shutdown of our operations, the impact of this cyber-attack could have a material adverse impact on our business, revenues, results of operations and reputation.”
Expeditors is a service-based company that provides logistics solutions through a network of more than 350 locations across over 100 countries. It provides supply chain performance, transportation, customs, and warehousing services.
Expeditors is not the only logistics giant hit by ransomware in recent months. In December, Hellmann confirmed that cybercriminals had exfiltrated data from its systems during a ransomware attack.
“The cost of outages attributed to ransomware can be very impactful to companies of all sizes,” commented Nasser Fattah, North America Steering Committee Chair at third-party risk assurance firm Shared Assessments. “When we look at revenue loss, time, and resources to identify, contain, and eradicate ransomware to systems recovery, the overall financial loss to a company can be staggering. Add to this customer impact, including churn, and failing to meet contractual obligations, can further exacerbate the situation.”
“For this reason, it is important to a) do ransomware tabletops to understand ones’ strengths and weaknesses in defending against ransomware, as well as remediating if ransomware takes hold, and b) understand all costs that an organization can incur – which is important for the business to partake in the tabletops,” Fattah added.