Truckstop.com said ransomware was behind a weeklong outage that affected sites including its load board, online carrier safety vetting and payment services.
The ransomware attack occurred on Friday, Dec. 20, Truckstop.com said in a statement. The company first notified users publicly the next day that its websites were “experiencing technical difficulties.”
“We immediately engaged law enforcement and a leading team of security experts to confirm the security of our systems and safety of customer information,” Truckstop.com said in a statement.
Truckstop.com handles about 500,000 loads per day and has 200,000 active users.
The New Plymouth, Idaho-based company said there is no evidence that any customer information was compromised, and systems are being continuously monitored for irregular activity.
“Should we determine that this incident impacted the security of that information, we will move quickly to notify anyone potentially affected,” it added.
The outage hit at least seven sites owned by Truckstop.com. The affected services include the app-based load board, factoring, carrier onboarding, RFP tool, real-time freight monitoring, SaferWatch and ShipperMate. Most of the major services are up and running, the company said.
All but one of the sites is hosted by Cedar Rapids, Iowa-based data-hosting firm Involta. Amazon Web Services hosts ShipperMate.
Truckstop.com did not release figures on the cost of the outage. But many carriers switched to DAT’s load board and other services during the outage, with DAT seeing a “massive spike” in customer queries.
Silicon Valley-based investment fund ICONIQ Capital acquired a majority stake in Truckstop.com this past April, valuing it at $1 billion.
2019 was a good year for ransomware
Computer security professionals say 2019 has been a banner year for ransomware, a type of computer virus that essentially locks users out of their computers until they pay a ransom. Security firm Emsisoft said 965 government agencies, hospitals and schools experienced ransomware attacks this year. Although the extent of damage can vary greatly, one estimate puts the typical cost of a ransomware outage at $8.1 million, with an approximate recovery time of nine months.
Victims of ransomware are not required to report incidents to law enforcement, Emsisoft noted, making it difficult to compile information about ransomware attacks.
In November, the site for Louisiana’s transportation department was hit by ransomware, preventing carriers from getting needed permits. A ransomware attack also hit LTL carrier A. Duie Pyle in June.
Emsisoft said the attacks are on the rise due “to organizations’ existing security weaknesses and the development of increasingly sophisticated attack mechanisms specifically designed to exploit those weaknesses.”
The U.S. Coast Guard published an alert Dec. 16 that an unidentified marine terminal was subject to an attack from a variant of ransomware known as “Ryuk.” It likely entered the terminal’s computer system through a phishing email. The Ryuk virus encrypted critical files and also affected industrial control systems for monitoring cargo movements.
“These combined effects required the company to shut down the primary operations of the facility for over 30 hours while a cyber-incident response was conducted,” the Coast Guard said.
The Coast Guard said intrusion detection systems, up-to-date virus protection software, segmenting industrial controls from computer systems, and consistent backups would have limited the breach or at least minimized downtime.