Expeditors targeted in a ransomware attack which led to shut down

Major logistics and freight forwarding company suffered a cyberattack

operations shut down globally due to the ransomware attack

After being targeted in a severe ransomware attack, logistics and freight forwarding company Expeditors International has promptly shut down most of its operations systems. The company issued a statement on Sunday that detailed that the incident was discovered, which led to operating systems shut down to manage the safety of the overall global systems environment.

Operations like arranging for shipments of freight or managing customs and distribution activities for customers’ shipments are continuously remained shut down. Expeditors are working with cybersecurity experts to contain the threatening situation. As of right now, further investigations are happening, and experts are working to ensure safe restoration of companies operating systems. However, there is no given estimation on when normal operations might resume.^[1]

Yet, the main focus remains to minimize the impacts on companies’ loyal customers, and provide them with important information. As Expeditors officials state, the recent attack could have a serious material impact on the business, its revenues, and results. If this prediction comes out to be true, the Expeditors attack will become of the most significant attacks on US logistics companies.^[2]

Attacks targeting organizations are on the rise

More insights about the most recent Expeditors attack come from BleepingComputer which received an anonymous tip saying that Expeditors suffered a large ransomware attack. BleepingComputer did not verify the attack but shortly after the company itself did come out and publicly addressed the issue.^[3] With the attack on Expeditors still unresolved, it is clear that crime actors remain focussed on logistic companies.

In recent months similar attacks have already happened. At the beginning of February, Swissport was attacked with ransomware: cyberthreat impacted the IT infrastructure. However, all operations remained available, and full system clean-up and restoration happened shortly after. It could have been a major hit for the logistic industry as Swissport operates at 285 airports in 45 countries.^[4]

Similarly, Hellmann Worldwide Logistics was attacked back at the end of 2021. The company suffered a huge cyber-attack and data breaches, and the source of the attack was not named publically. Companies’ operations were temporarily disconnected but were later restored upon working with external security specialists. Similar to Swissport, Hellmann is a significant global company that focuses on airfreight, seafreight, road and rail logistics services.^[5]

The supply chain must be protected

Expeditors is no small company either. It is a US-based logistics and freight forwarding company with many international ties. Its annual gross revenue is around $10 billion, and the company has 350 locations and over 18,000 employees worldwide. They offer services of supply chain, warehousing, distribution, transportation, customs, and compliance. Interestingly, each of the company’s branches are independent profit centers.^[6]

There is no huge surprise that crime actors decided to target the huge profit, global company that has connections with many businesses worldwide. In recent years, experts have been seeing the popular trend of cybercriminals targeting organizations along the supply chain sector. Often, hackers claim to have access to networks for companies that operate air, ground, and maritime cargo transport.^[7]

With the huge rise of consumers goods, the supply chain and its productivity is as important as ever. That means it is imperative to ensure its safety. As experts point out, inaction isn’t an option. It is important to employ best practices, invest in cybersecurity talent, and coordinate with the government voluntarily, some cut corners and put us all at risk. In such way, hackers would have a hard time proposing serious threats.