Chris DeMillo, head of information technology at the 500-truck Leonard’s Express out of New York, remembers a three-day period in June 2017 vividly. “Like it was yesterday,” he said. That was when he realized Leonard’s networks had been exposed in a phishing attack, and malware had made its way across the company’s networks, touching nearly all points of the operation over a three-day period.
"At one point we brought everything down that was plugged into an outlet,” DeMillo said. “We were running on phone calls and paper notepads.”
The company was able to fight off the attack and restore its operations in those three days without major ramifications, other than lessons learned.
Fortunately, said DeMillo, it wasn’t a ransomware attack – one that holds data at ransom until a company pays. Rather, it was another, less dangerous malware that sought to mine the company’s data, potentially to steal and sell on the black market.
Attacks like the one Leonard’s experienced in 2017 are growing more pervasive and more costly. An attack can cripple a trucking company’s ability to operate and expose its most sensitive data to criminals. And as the recent high-profile cyberattack launched against the U.S. government and companies like Microsoft and Visa reveal, even the most sophisticated organizations can be at risk of a breach.
That attack on the federal government and businesses raised awareness, said Luis Rodriguez, chief information officer at asset tracking firm PowerFleet, among the company’s fleet customers about potential vulnerabilities in their systems. “It woke up a lot of people,” he said.
