Potentially “material” business impact.
International courier giant TNT Express is still struggling to make deliveries in Australia and all over the world almost a week on from the globally destructive Petya malware attack.
The cyber attack – which has been dubbed everything from Petya to NotPetya and GoldenEye – took out computers across an estimated 60 countries early last week.
FedEx-owned TNT Express was hit hard by the malware, which ravaged its business-critical systems globally.
The disruptions mean TNT has had to fall back to unspecificed “contingency plans” to continue operating, albeit at a reduced capacity.
Customer deliveries are delayed, the myTNT user portal is not operational, nor are the company’s internal communications networks functioning.
“To mitigate the impact of a virus that affected TNT IT systems globally last week, TNT continues to implement contingency plans,” a spokesperson said.
“Teams are making solid progress on remediating systems and methodically bringing business critical systems and services back online.”
It warned that customers may experience service delays and restrictions “in the short term”.
“We regret any inconvenience this may cause and ask for their understanding,” the spokesperson said.
The company did not provide an estimated time of restoration, nor detail on the extent to which its IT environment had been impacted.
Some TNT Express customers have sympathised with the company’s situation, but are growing frustrated at the ongoing problems. Others have expressed anger over a lack of communication from the courier.
“It would be nice to have an update on the situation considering it’s now 3 July. I too am waiting for a parcel to be delivered which is affecting my business but I do realise how serious the cyber attack was,” one customer wrote on its Facebook page.
“Also I understand that your phone lines are probably getting absolutely flogged right now so I won’t bother to ring. An update on the situation would be awesome. I’m just worried my parcel is floating around somewhere in the world completely untracked and unaccounted for. Best of luck on getting the systems back up and running.”
“No update, no change in the tracking service, HUGE delays in shipping and absolutely no communication and info,” another said.
“I understand that you have been under serious IT attack but it should not be the reason for this amateur handling of the situation.”
TNT Express upgraded to Windows 7 prior to its acquisition by FedEx in August 2015. It is unclear what version of the Microsoft system is currently in use. The company has been contacted for detail.
FedEx has indicated the financial impact of the malware could be “material”. TNT Express claims to deliver almost one million packages across the globe every day.
FedEx said all other group companies were unaffected. The business temporarily suspended trading of its shares on the New York Stock Exchange for about an hour last Wednesday following the initial attack.
Security researchers suspect the malware that attacked TNT Express and many others masquerades as ransomware – victims aren’t actually able to restore their files if they pay the US$300 demand – to hide its true intention of destruction.
Ukraine has gone as far as to blame Russia for the malware, which the country claims is part of an ongoing series of attacks designed to spread destruction and fear, and install malware for future sabotage, amidst political tensions.
The virus – which appears to be almost identical to the GoldenEye variant of the Petya malware that surfaced last year – uses similar exploits to the WannaCry malware to crash and reboot computers after rewriting the hard disk master boot record.
Unlike Petya, however, it overwrites the first 25 sector blocks of a victim PC’s hard disk to do “permanent and irreversible damage”, meaning files can’t be decrypted after the ransom is paid.
The exploits target vulnerable computers that run the Windows System Message Block (SMB) version 1 file sharing protocol.
View the Original article