Malware targeting trucking companies isn't an IT issue. 'It's everybody's issue'
Chris DeMillo, head of information technology at the 500-truck Leonard’s Express out of New York, remembers a three-day period in June 2017 vividly. “Like it was yesterday,” he said. That was when he realized Leonard’s networks had been exposed in a phishing attack, and malware had made its way across the company’s networks, touching nearly all points of the operation over a three-day period.
"At one point we brought everything down that was plugged into an outlet,” DeMillo said. “We were running on phone calls and paper notepads.”
The company was able to fight off the attack and restore its operations in those three days without major ramifications, other than lessons learned.
Fortunately, said DeMillo, it wasn’t a ransomware attack – one that holds data at ransom until a company pays. Rather, it was another, less dangerous malware that sought to mine the company’s data, potentially to steal and sell on the black market.
Attacks like the one Leonard’s experienced in 2017 are growing more pervasive and more costly. An attack can cripple a trucking company’s ability to operate and expose its most sensitive data to criminals. And as the recent high-profile cyberattack launched against the U.S. government and companies like Microsoft and Visa reveal, even the most sophisticated organizations can be at risk of a breach.
That attack on the federal government and businesses raised awareness, said Luis Rodriguez, chief information officer at asset tracking firm PowerFleet, among the company’s fleet customers about potential vulnerabilities in their systems. “It woke up a lot of people,” he said.
Kevin Cross, vice president and chief information security officer for Dell Technologies’ Security and Resiliency Organization asked the question: "If you had a ransomware attack tomorrow, how would you handle that?" Those are the types of scenarios fleets need to be planning for, as well as taking necessary steps to ward off such attacks in the first place.Research conducted by cybersecurity and antivirus software firm Bitdefender suggests Server Message Blocks (SMBs) this year will face a record number of data breaches, as misconfigurations and unpatched vulnerabilities exposed by the transition of employees to work from home creates security blind spots and become the hunting grounds for would-be cyber attackers.
Security and privacy were ranked by global IT leaders as their top technology risk in 2021, according to a survey by Protiviti and ISACA, with "cyber breaches" listed as the top concern. Similarly, two-thirds of respondents to Frost & Sullivan's IT Decision Makers Survey said remote working brought on by the pandemic had a significant impact on their business, and more than a third noted dealing with security concerns was their top challenge in the next two years.
"Transformations occur and security just gets left out, or gets left behind," said Kevin Cross, vice president and chief information security officer for Dell Technologies’ Security and Resiliency Organization.