Threat of Cyber Risk and Need for Risk Management Plan
A recent survey in the U.S. found that many organizations in the United States were hit by the WannaCry ransomware attack. The ransomware targets computers that run the Microsoft Windows operating system. It encrypts data and demands a ransom payment, mainly in the Bitcoin cryptocurrency (Ganame et al., 2017). WannaCry propagates via EternalBlue in Microsoft Windows. The WannaCry ransomware attack has also engulfed many organizations in the United Kingdom. The UK government has introduced resilience plans alerting all organizations and has set an action plan for improving resilience.
This report elaborates on the WannaCry ransomware attack that took place at FedEx. The FedEx Corporation suffered financial damage of about $300 million. The corporation delivers around the world, and when the virus hit its computer systems, deliveries slowed down. This report describes the pre-incident and post-incident situation and the problems that FedEx faced during the WannaCry attack.
FedEx is a courier service whose name is an abbreviation of Federal Express (Wirth, 2018). The corporation is well known for its shipping system, which includes a system that can track packages in real time. On June 28 2017, FedEx experienced issues with Microsoft Corp Windows. Some of its Windows systems suffered interference caused by malware. In the WannaCry ransomware attack, a total of 300,000 machines across 150 countries were impacted. FedEx faced major consequences from the ransomware attack. Its delivery service slowed down, which affected its services worldwide (Taddeo & Floridi, 2018). The WannaCry malware reached FedEx through a Ukrainian tax software product. The financial damage FedEx suffered from the malware attack was about $300 million. The TNT unit of FedEx was the most affected and needed the most advanced technologies for recovery.
Along with the financial damage, the corporation also faced slower shipments because of the computer virus, and the TNT unit was forced to process all transactions by hand. The cyber-attack prompted the corporation to accelerate the process of combining the TNT unit with the Express air shipping unit. This was done to reduce exposure to other technology systems. Before the incident, FedEx Corporation had acquired TNT for about $4.8 billion in 2016, gaining a parcel-delivery network spread across Europe so that it could compete with other delivery services there (Mansfield-Devine, 2017). Just before the cyber-attack, FedEx reported the results of TNT as part of the Express Division. The TNT unit mainly serves the automotive, industrial, and high-tech industries as well as the health-care industry.
The FedEx WannaCry Ransomware Attack
The TNT unit of the shipping company was hit by a virus that affected computer systems in the United States, Asia, and Europe. More than 200 countries are served by FedEx. Because of the cyber-attack, the TNT unit experienced disruption in its operations and in its communication systems (Boudar, 2017). As FedEx TNT Express provided services to domestic markets and to the regional network, all of that work slowed down because of the WannaCry ransomware attack.
The TNT Express unit of the FedEx Corporation took an impact of about $300 million from the WannaCry cyber-attack (Ringwood, 2017). Computers in almost 74 countries were infected by the WannaCry ransomware attack. In a ransomware attack, the attacker locks the user's computer system and demands money to unlock it. The same happened to the FedEx Corporation. The risk FedEx faced was that all the computer systems the organization used were locked by the attackers, who demanded money to unlock them. The WannaCry attack was huge. During the incident, the organization experienced interference in some of its systems that ran the Windows operating system (Nissim et al., 2018). The malware mainly infected systems running Windows, and it kept spreading until those systems were turned off.
SwiftOnSecurity, a leading cybersecurity website, instructed all employees of the FedEx Corporation to turn off their systems as soon as possible to prevent the malware from spreading. A characteristic of the WannaCry ransomware is that it spreads across computer networks. It mainly affects Windows-based systems and encrypts all the files on the system or on a connected hard drive. Once it has access to the files, users are blocked from accessing them and are asked to pay to unlock them. The ransom is usually demanded in bitcoin (Wirth, 2017). The WannaCry attack on FedEx consisted of several components. It first hit one of the corporation's computer systems as a dropper and then started spreading to all other systems that were turned on. It targets Windows-based systems that use the SMB (Server Message Block) protocol. The main advantage of the SMB protocol is that it helps different nodes communicate on a network.
The U.S. National Security Agency discovered the vulnerability that the ransomware uses and developed code for exploiting it. The code is called EternalBlue. The WannaCry ransomware (O’Connell, 2018) does not send spam emails to victims to gain access to the system. The NSA discovered the vulnerability, known as EternalBlue, in the Windows operating system. The attack takes place when users update an application, which gives the WannaCry ransomware the chance to exploit the SMB protocol on the Windows machine. During the attack, the ransomware propagates across infected systems through EternalBlue, which mainly exploits the SMB protocol in Windows. The attack on the FedEx Corporation ran a script on the system without user interaction. The script is known as DoublePulsar, an important backdoor tool developed by the NSA (Floridi, 2017). As a result of the cyber-attack, employees were instructed to turn off their computer systems to stop the malware from spreading. During the attack, the FedEx delivery system slowed down, as did its tracking details. Many organizations were affected by this WannaCry ransomware attack, including the healthcare system of the United Kingdom.
Impact of Ransomware Attack on FedEx Corporation
After the FedEx Corporation confirmed that a malware attack had taken place in the organization, risk resolution measures were taken to prevent the attack or the spread of the malware. The attack mainly hit Windows-based systems, and the organization tried to fix the issues as soon as possible. The risk resolution was as follows: when the security team learned that FedEx was facing the problem, it instructed all employees to turn off their computers to stop the malware from spreading (Ioanid, Scarlat & Militaru, 2018). Turning off the systems connected to the same network primarily stops the malware from spreading. FedEx shares fell by about 3.4 percent, which had a great impact on the financial report of FedEx. The attack mostly hit the TNT Express area of FedEx.
After the data breach, customers experienced service delays as well as invoicing delays. As all automated processes were turned off, customers received manual service, and a portion of the TNT operation was run through manual processes. This also hampered customer service functions (Mattei, 2017). Restoration is a long-term process, and the services of the TNT unit took much longer to restore. Many contingency plans were made to lessen the impact on customers connected with the TNT networks and FedEx Express.
There was no data breach or data loss of any kind in the organization. As the company did not have cyber insurance to cover such attacks, it was fortunate that it did not suffer a data breach (Dwyer, 2018). The company is facing a big financial hit, and rivals such as DHL and UPS can benefit from the attack. These rivals were used to overcome the TNT systems that were hit by the WannaCry attack.
There are many ways in which a WannaCry attack can be avoided. The following techniques can be implemented to prevent one, and FedEx should have used them to avoid such an attack.
- FedEx should have engaged a security firm and made all its employees install the official patch directly from Microsoft (Mehlman, 2018). The systems used by the FedEx Corporation should have been updated to the latest version of the operating system, because the WannaCry virus uses older versions of the operating system to carry out the attack. For Windows 10, Microsoft had released a security patch. To avoid such an attack, the FedEx Corporation should have used updated Windows.
- All applications and the Windows installation on each system should have had auto-updates turned on. This might have helped to avoid un-updated applications on the system and thus prevent a WannaCry attack. The auto-update feature notifies the user when a new version is available and can therefore help to avoid an attack. The user can also specify the time of the update, and all applications are then updated automatically.
- The security team of the FedEx Corporation should have trained the organization's employees not to download attachments or click on links included in emails (Mohurle & Patil, 2017). Employees should have been instructed not to open emails from unknown senders to avoid such attacks.
- All data on the computer systems should have had a proper backup in case of a data breach. A full backup system can be used to keep the organization's information safe and to restore the data of the FedEx Corporation. Many third-party backup solutions are also available.
Conclusion
The organization examined in this report is the FedEx Corporation, which is an import and export company. The organization is best known for its overnight delivery service and for its pioneering system that tracks packages and gives users real-time updates on package location in case their packages are lost. FedEx has many other features that help it gain an advantage in the marketplace. FedEx provides next-day delivery within the United States and a time-definite international service. FedEx operates the largest civil aircraft fleet. This report deals with the WannaCry attack that took place in the organization. The WannaCry attack slowed the delivery system and affected customer service. The details of the incident are described in this report, covering the period before, during, and after the WannaCry incident at FedEx.
References
Boudar, O. (2017, October). Network behavioral analysis for zero-day malware detection–a case study. In Intelligent, Secure, and Dependable Systems in Distributed and Cloud Environments: First International Conference, ISDDC 2017, Vancouver, BC, Canada, October 26-28, 2017, Proceedings (Vol. 10618, p. 169). Springer.
Dwyer, A. (2018). The NHS cyber-attack: A look at the complex environmental conditions of WannaCry. RAD Magazine, 44, 25-26.
Floridi, L. (2017). The unsustainable fragility of the digital, and what to do about it. Philosophy & Technology, 30(3), 259-261.
Ganame, K., Allaire, M. A., Zagdene, G., & Boudar, O. (2017, October). Network Behavioral Analysis for Zero-Day Malware Detection–A Case Study. In International Conference on Intelligent, Secure, and Dependable Systems in Distributed and Cloud Environments (pp. 169-181). Springer, Cham.
Ioanid, A., Scarlat, C., & Militaru, G. (2017, September). The Effect of Cybercrime on Romanian SMEs in the Context of Wannacry Ransomware Attacks. In European Conference on Innovation and Entrepreneurship (pp. 307-313). Academic Conferences International Limited.
Mansfield-Devine, S. (2017). Ransomware: the most popular form of attack. Computer Fraud & Security, 2017(10), 15-20.
Mattei, T. A. (2017). Privacy, Confidentiality, and Security of Health Care Information: Lessons from the Recent WannaCry Cyberattack. World neurosurgery, 104, 972-974.
Mehlman, M. (2018). How CFOs Can Mitigate the Risk of Ransomware. Tax Executive, 70, 92.
Mohurle, S., & Patil, M. (2017). A brief study of wannacry threat: Ransomware attack 2017. International Journal of Advanced Research in Computer Science, 8(5).
Nissim, N., Mahler, T., Shalom, E., Goldenberg, I., Hasman, G., Makori, A., … & Shahar, Y. (2018). Know Your Enemy: Characteristics of Cyber-Attacks on Medical Imaging Devices. arXiv preprint arXiv:1801.05583.
O’Connell, D. (2018). The tower and the square: Understanding hierarchies and networks for improved organisational governance. Governance Directions, 70(4), 191.
Ringwood, F. (2017). I come to you not by chance. Water&Sanitation Africa, 12(5), 16-19.
Taddeo, M., & Floridi, L. (2018). Regulate artificial intelligence to avert cyber arms race. Nature, 556(7701), 296-298.
Wirth, A. (2017). It’s Time for Belts and Suspenders. Biomedical instrumentation & technology, 51(4), 341-345.
Wirth, A. (2018). The Times They Are a-Changin’: Part Two. Biomedical instrumentation & technology, 52(3), 236-240.