Cyber-attack on Hellmann Worldwide Logistics

A cyber-attack has been carried out against major German logistics provider Hellmann Worldwide Logistics

The security incident forced Hellmann to take its central data center offline yesterday. Today, operations at the Osnabrück-based company remain disrupted. 

Hellmann said that since the attack was discovered, it has been under the constant observation of its Global Crisis Taskforce, which is analyzing the incident. The company has also hired “external renowned security specialists” to investigate the attack.

“As a precautionary measure, we disconnected our data centers temporarily, which has material impact on our business operations,” stated the company on its website.

“We are working with the highest priority on the resolution of the current situation.”

Hellmann was founded a century and a half ago and has 489 offices across 174 countries. The company handles approximately 16 million shipments per year, and in 2020, it reported revenues of $2.8bn.

Hellmann did not disclose the exact nature of the attack, which is still under investigation. 

In a statement released Thursday, the company said: “We can currently not rule out that there have been data leakages or unauthorized use of data.”

The company advised clients wishing to speak to their Hellmann contacts to use their cell phones. 

Hellmann has not stated when it expects normal operations to resume. The company said only: “Operations will be restored step by step, with the security and integrity of the systems as the top priority.” 

Vectra CTO Oliver Tavakoli told Infosecurity Magazine that when choosing their next victim company, cyber-criminals likely factor in how much pressure their target will come under to restore its disrupted services.

“In this age of ransom, the choice that attackers make to target certain industries is based on their belief that companies in an industry have both the ability to pay a large ransom and are more likely to pay it,” said Tavakoli.

“Given the global focus on supply chain issues and the extent to which these have hampered the recovery of economies across the world, attackers likely believe that logistics companies will be pressured by their customers (and possibly their governments) to do whatever is necessary to assure continuity of operations.”