One of Australia’s largest courier companies (owned by FedEx who’ve halted trading on their shares) TNT has been significantly impacted by the Petya Ransomware. TNT Express are actually one of the world’s largest express delivery companies. On a daily basis, TNT Express delivers close to one million consignments ranging from documents and parcels to pallets of freight using road and air delivery services in Europe, the Middle East and Africa, Asia-Pacific and the Americas. Any interruption to those services will potentially cost millions to the brand in lost operations and brand damage as a result.
TNT confirmed their operations were impacted on Wednesday on their Facebook page and have failed to provide an update since. Customers who’s package deliveries have been impacted have turned to the comments to vent their frustration with the lack of communication.
Their website provides a simple message (below) with the ‘read more’ link taking you to their contact page which lists local customer service phone numbers you can call around the globe to check on the progress of your order. Given the scale of the system outage, I wouldn’t expect the phone to be answered anytime soon.
Its Friday afternoon and we’ve been speaking to one of TNT’s partners who are unsure about deliveries and pickups into next week.
The Petya Ransomware encrypts the files of compromised machines, devices running unpatched versions of Windows. If you’ve ever been to the depot for a courier company, you’ll notice they’re all running old version of Windows, some Windows 7 and some are definitely still on XP. Given their business focus is on the distribution of millions of items per day, its not entirely surprising Windows Updates aren’t their first priority, after this, they will be.
The other potential threat is the connected barcode scanners that drive the updates to parcel locations. These are often old versions of Windows embedded and are never updated.
In terms of an actual resolution, let’s hope TNT have at least a decent backup regime, as the option to pay to have their files unencrypted by the ransomware developers is now well and truly off the table with the email host taking the account offline. We’ll watch this one next week closely, but this one will impact more Australians that the first Aussie casualty, Cadbury in Tasmania.