Billion-dollar logistics giant Expeditors struggling to recover from cyberattack

The Seattle-based company announced the attack on Sunday but would not say if it was a ransomware incident.
Written by Jonathan Greig, Contributor

Logistics and freight forwarding giant Expeditors International announced a cyberattack on Sunday that crippled some of their operating systems and continues to slow their operations around the globe. 

The Seattle-based freight company, which brought in $10.1 billion in revenue last year, said they shut down most of their operating systems globally after discovering the cyberattack. 

"The situation is evolving, and we are working with global cybersecurity experts to manage the situation. While our systems are shut down, we will have limited ability to conduct operations, including but not limited to arranging for shipments of freight or managing customs and distribution activities for our customers' shipments," the company said in a statement. 

"We are conducting a thorough investigation to ensure that our systems are restored both promptly and securely, and on a parallel track, evaluating ways with our carriers and service providers to mitigate the impact of this event on our customers. Since it is extremely early in the process, we cannot provide any specific projections on when we might be operational. Still, we will provide regular updates when we are able to do so confidently. We are incurring expenses relating to the cyber-attack to investigate and remediate this matter and expect to continue to incur expenses of this nature in the future. Depending on the length of the shutdown of our operations, the impact of this cyber-attack could have a material adverse impact on our business, revenues, results of operations and reputation."

The company did not say whether it was a ransomware attack and did not respond to requests for comment. On Sunday, they said systems may be unavailable as they try to secure their system, noting that "backup procedures are being implemented."

Another update was released on Monday explaining that the company's global operations were still being affected by the attack. Expeditors said it was working through its crisis management and business continuity response plans but was still struggling to recover. 

Expeditors have thousands of employees across 350 locations in more than 100 countries. It has become just the latest logistics company to be hit with a cyberattack over the last month. 

Earlier this month, Swiss airport management service Swissport reported a ransomware attack affecting its IT systems that were later attributed to the BlackCat ransomware group. Another cyberattack on two German oil suppliers forced energy giant Shell to reroute oil supplies to other depots over the last month. The German Federal Office for Information Security (BSI) said the BlackCat ransomware group was also behind the incident, which affected 233 gas stations across Germany.

Multiple ports in Belgium and the Netherlands reported issues after a cyberattack affecting IT services in early February. Terminals operated by SEA-Tank, Oiltanking, and Evos in Antwerp, Ghent, Amsterdam, and Terneuzen were all dealing with issues related to their operational systems. In a statement to ZDNet, Oiltanking said it "declared force majeure" due to the attacks. 

A spokesperson from Evos told ZDNet at the time that they were continuing to operate their terminals but were having some delays after the attack disrupted IT services at terminals in Terneuzen, Ghent, and Malta. Prosecutors in Antwerp opened an investigation into the cyberattacks.

Billion-dollar German logistics firm Hellmann Worldwide Logistics was also hit with ransomware in December.

Editorial standards