FedEx: It is still suffering the aftermath of Petya attack

FedEx, a US based globally operating delivery firm, states that customers associated with its subsidiary company TNT Express are continually facing issues. TNT Express is FedEx’s international express transportation division that also manages freight and small package shipping/delivery. The firm is at the receiving end of multiple system failures till date due to Petya attack because it didn’t possess cyber insurance.

FedEx’s Ukrainian division was attacked with Petya disk wiper malware and key systems like financial, operational, secondary business and back-office were affected severely to the extent that the company fears permanent damage to some of them. The company managed to restore IT and service systems immediately, but customers are still complaining about “service and invoicing delays” even after the passage of three weeks since the systems were attacked with Petya.

More:  Servers associated with NotPetya attack seized by Ukrainian Police

Details of the attack were released officially by FedEx in SEC 10-K filing on Monday. FedEx is still clueless regarding the revival of some of the affected systems.

“We cannot yet estimate how long it will take to restore the systems that were impacted,” FedEx’s 10-K filing stated. SEC report also clarified that it was quite possible that TNT may never be able to “fully restore all of the affected systems and recover all of the critical business data that was encrypted by the virus.”

Reportedly, a majority of the affected computers were linked with the TNT Express’s B.V. (“TNT”) network. The company maintains that none of the data stored on TNT Express’s network has been stolen and only the “operations and communications” of TNT have been affected.

FedEx is likely to receive hefty financial impact post malware attack. According to the 10-K filing, the company expects losses in revenues, the increment in bad debt expenses, widespread customer loss, considerable increase in remediation costs for systems restore, higher operational costs and requirement of massive investments for making systems fool proof to avoid future attacks.

More:  The Nastiest of all Ransomware Mamba Encrypts Entire Hard Drive

Furthermore, unavoidable reputational damage, costs involved in follow up the governmental investigation and critical business and third party data loss are also among the company’s major obstacles. The integration between FedEx and TNT Express will also be much costlier and longer now.

Apart from FedEx, which remains top receiver of damages from Petya attack, a number of renowned companies have been affected. Other targets of Petya include law firm DLA Piper, pharmaceutical magnet Merck, Oreo cookies and Cadbury chocolate maker Mondelez, construction materials manufacturer Saint-Gobain, container transporter Maersk and oil firm Rosneft.

In case you are wondering what Petya malware is, it is a cyber-weapon that has been created for targeting Ukraine based organizations. However, unfortunately, internal networks and VPNs facilitated the spreading of Petya to other countries.

Experts state that Petya is a poorly coded malware that makes it impossible to recover data mainly because one of the encryption keys got misplaced. Moreover, Petya is not actually a ransomware but a cyber-sabotage tool. The ransomware started spreading in Ukraine from June 28th, and FedEx’s trading was abruptly stopped after the Petya infection invaded TNT’s systems through Ukraine tax-related accounting software M.E.Docs. This particular software is one of the two most important packages that are responsible for the company’s business operations in Ukraine. As noted by FedEx in its 10-K filing:

“TNT Express operates in Ukraine and uses the software that was compromised, which allowed the virus to infiltrate TNT Express systems and encrypt its data.”

FedEx published its 10-K filing at the same time when world’s insurance giant Lloyd’s issued a report on the possibility of losses worth $121.4 bn worldwide due to a well-planned cyber-attack. In its report, Lloyd’s of London urged that companies must get cyber-insurance in order to thwart such attacks and prevent huge financial losses.

More:  Fake FedEx 'missed delivery' emails infecting devices with ransomware

Sponsored: DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.