How companies can limit a cyberattack like Expeditors (EXPD)
15:51, 2 March 2022
As a US logistics firm experiences a major service outage, two cybersecurity firms share tips to help corporations limit the damage from hacker attacks such as ransomware and distributed denial of service (DDoS).
Ransomware is malicious software that takes control of a computer system to lock out users until a fee is paid. A DDoS attack uses a network of infected computers to overload the targeted site with page requests.
“At this early stage, the company is unable to estimate the ultimate direct and indirect financial impacts of this cyberattack,” Expeditors said in the filing.
Headquartered in Seattle, Expeditors International is a Fortune 500 logistics company with over 18,000 employees and a global network of over 350 locations in over 100 countries on six continents.
The stock is down 4% since it disclosed the outage. Shares were trading at $102.85 per share, up 1.4% at 11:25 EST (UTC+5).
“Expeditors is making progress in returning to normal operations. We are now handling shipments and providing services across most products and expanding recovery across our locations,” the company said in an update.
Specialist research team
With the outbreak of hostilities in Eastern Europe, a specialist research team at Palo Alto Networks (PANW) has documented significant increases in cyberattacks.
Unit 42 saw a series of DDoS attacks in mid-February and highlighted a new malware variant known as HermeticWiper that originated in Ukraine, with website defacement attacks in the nation taking place shortly after.
“Future attacks may target US and Western European organisations in retaliation for increased sanctions or other political measures against the Russian government. We recommend that all organisations proactively prepare to defend against this potential threat,” Unit 42 wrote in a threat briefing.
Unit 42’s briefing gives the following recommended actions to help companies prepare for possible cyberattacks:
- Patches: Apply patches for any software containing vulnerabilities – not just those known to be exploited. This is most urgent for software that is internet-facing and necessary for business operations, such as webmail and virtual private networks (VPNs).
- Data destruction: Forms of disruptive cyberattack will either use ransomware or pose as ransomware. Test data backup and recovery plans, and test the continuity of operations in case the corporate network or other key system is disabled.
- Respond quickly: Ensure there are designated points of contact in key areas across the organisation in case of a cybersecurity incident or infrastructure disruption. Test communication protocols (and backup protocols) to avoid being caught without a clear way of communicating critical information internally and externally.
- Network lockdown: Making small policy changes can decrease the likelihood of a successful attack against your network. Many applications can be abused even if the application itself isn't malicious. If your organisation doesn't require their functionality, blocking them will improve security posture.
“There is no way to know for certain what shape an attack may take, but taking these steps will help provide broad protection against what we expect to come,” the research team said.
Cybersecurity training firm KnowBe4 (KNBE) also adds the following points:
- Deploy strong multi-factor authentication (an additional form of identification such as a code from a smartphone app or a fingerprint scan) to as many employees as you can.
- Walk employees through security awareness training to keep them on their toes with security top of mind.
“It pains me to say, that while you are at it, warn your users: criminals will start new, devious charity campaigns that claim to help people in Ukraine. Remind your users to only use legit charities they are already familiar with and to never click on a link in an email of a charity claiming to help Ukraine war victims,” KnowBe4 founder and CEO Stu Sjouwerman wrote in a blog post.
Late last year KnowBe4 published its findings on an email scam known as phishing, which involves gaining a user's credentials by directing them to sign into a fake website designed to appear genuine.
Amongst the most common fake email subjects received in Europe and North America, according to KnowBe4’s findings, are “Password Check”, “Policy Update” and “Employee Portal”.
Chief hacking officer
Florida-headquartered KnowBe4 offers online security training and seminars. Its chief hacking officer is none other than legendary hacker Kevin Mitnick, who has over 30 years of experience and is the author of four bestselling books.