Ransomware strikes Aussie freight firm Henning Harders

Meanwhile, ransomware victim Toll Group has nearly completed its recovery from a 31 January attack.

Australian freight and logistics firm Henning Harders has warned customers that its cargo tracking system is unavailable due to “unusual activity” on its IT systems. The company said it detected what it believes was an “organised attack” on its systems on Sunday March 15 and that some of its customers’ commercial data may have been accessed.

Henning Harders said it had operated at limited capacity since detecting the network activity on Sunday — the date the Maze group, a ransomware group, published details that it had compromised the company’s network.

The Maze group historically first names the targeted company and threatens to publish a portion of the stolen data if the ransom demand isn’t paid. If the ransom isn’t paid after the proof is published, the group then threatens to expose whatever else has been stolen. New Zealand-based security firm Emsisoft said the group behind the Maze ransomware had listed Henning Harders’ Sydney and Melbourne offices on its website as “new clients”. Henning Harders also has offices in Brisbane, Perth, Auckland, and Wellington.

It’s not clear what or how much customer data has been stolen, but Henning Harders says, “There is no evidence at this stage that any customer data has been misused.”

The company has also hired cyber security experts, commenced an investigation, and contacted its customers to advise them of the apparent attack.

The attack on Henning Harders comes on the heels of Mailto ransomware attack on logistics giant Toll Group, which took down core IT systems and reverted to manual processes on January 31 after detecting an attack, gradually bringing systems back online over the past six weeks. Its core booking platform MyToll was restored on 4 March. Toll on 18 March reported that its core services had returned to normal capacity for most customers across its global network.

Copyright © 2020 IDG Communications, Inc.

Microsoft's very bad year for security: A timeline