Industry News

Didn’t get your Oreo cookie shipment? Last month’s global cyber attack may be to blame

More and more details are emerging of the financial impact that last month’s malware attack has had on major businesses.

As everyone who works in IT security is all too aware, a massive malware attack crippled organisations and critical infrastructure in late June, after being distributed via a malicious automatic update in an accounts package called MeDoc.

The malware (variously named as Petya, NotPetya or GoldenEye by security vendors) didn’t confine itself to disrupting Ukrainian businesses, however, as it spread rapidly beyond the country’s borders to impact multinational organisations across the globe.

In its annual SEC filing, international courier delivery service FedEx admitted that its systems were affected by the NotPetya/GoldenEye outbreak, with computers at TNT Express – a transportation company FedEx acquired last year – particularly badly hit:

As of the date of this filing, all TNT Express depots, hubs and facilities are operational and most TNT services are available. Nevertheless, customers are still experiencing widespread service delays, including invoicing, and manual processes are being used to facilitate a significant portion of TNT Express operations and customer service functions…

At this time, we cannot estimate how long it will take to restore the systems that were impacted and it is reasonably possible that TNT Express will be unable to fully restore all of the affected systems and recover all of the critical business data that was encrypted by the virus.

FedEx says that it is “still evaluating” the financial impact of the attack, but “it is likely that it will be material” and the company says its full-year financial results will be impacted. FedEx says it did not have any insurance in place that would cover the impact of the malware attack.

It’s a similar story from confectionary giant Mondelez, the makers of Oreo Cookies and Cadbury chocolates, which found its offices as far away as Tasmania had fallen foul of NotPetya/GoldenEye, forcing production to halt.

In its most recent update on the security incident, Mondelez said that the malware attack had been contained, but the company’s revenues might be harmed:

Given the timing of this significant global attack, despite our best efforts, we experienced disruption in our ability to ship and invoice during the last four days of our second quarter. There are a few markets where we have permanently lost some of that revenue due to holiday feature timing, but we expect we will be able to recognize the majority of these delayed shipments in our third quarter results.

As I discussed in an article on the Bitdefender Business Insights blog, other large businesses such as advertising giant WPP, household goods manufacturer Reckitt Benckiser, and shipping company Maersk, continued to feel the pain long past the initial impact of the GoldenEye malware outbreak.

There may be no such thing as 100% security, but I really hope that more companies are adopting a layered approach to security, examining closely how they have set up their networks, whether they are controlling who has local admin rights, and taking steps to ensure that they are able to recover quickly should disaster strike.

Download Bitdefender’s white paper: Everything we know about GoldenEye/NotPetya

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

Add Comment

Click here to post a comment