Claims of ransomware attacks on factoring firm eCapital shrouded in mystery

An illustration of four skeleton figures in front of computers representing hackers for an article about a ransomware attack

Two ransomware gangs have separately claimed they attacked and stole data from freight factoring provider eCapital, raising the question of whether the firm got hacked twice.

The answer isn’t so clear. 

An eCapital spokesperson initially said the company had “recently sustained a sophisticated cybersecurity incident” after FreightWaves inquired about an attack announced by the Lorenz group on the dark web in late July. 

“Due to our pre-existing security measures, we were equipped with sufficient...

https://www.freightwaves.com/news/claims-of-ransomware-attacks-on-factoring-firm-ecapital-shrouded-in-mystery

Did hackers pull off a maritime ‘Colonial Pipeline 2.0’?

An aerial view of the Port of Las Palmas, which includes Petrologis Canarias, a company targeted in a ransomware attack.

When the LockBit ransomware gang announced it had hit maritime fuel provider Petrologis Canarias earlier this month, the hackers proclaimed the cyberattack “Colonial Pipeline 2.0” with an added wink emoji.

Unfortunately for the hackers, it could never have lived up to the massive disruption of the U.S. fuel supply after the ransomware attack on Colonial. Based in Spain’s Canary Islands, their victim has 73,500 cubic meters, or 19.4 million gallons, used for bunkering — the refueling of vessels....

https://www.freightwaves.com/news/did-hackers-pull-off-a-maritime-colonial-pipeline-20

Cold Chain Summit: Why hackers see cold storage as ‘prime target’

A still image of Kurt George of Property Damage Appraisers discussing how ransomware attacks can impact cold storage facilities.

This fireside chat recap is from FreightWaves’ Cold Chain Summit.

FIRESIDE CHAT TOPIC: When cyberattacks hit cold storage facilities 

DETAILS: Hackers have left few industries unscathed as ransomware attacks hit companies across the world. Cold storage giant Americold saw its operations disrupted in November after such an attack. Americold isn’t alone. Cold storage providers represent an attractive target for hackers because of the high cost of a systems outage, particularly if it affects the...

https://www.freightwaves.com/news/cold-chain-summit-why-hackers-see-cold-storage-as-prime-target

Cyberthieves say they have ‘moral principles’

An illustration of a burglar wearing a striped shirt using a vacuum to pull data from a computer, illustrating an article about cyberthieves who steal data.

They openly admit to hacking companies’ IT systems, stealing their sensitive data, and leaking it and putting it up for sale if they aren’t paid. But there are some red lines that the operators of the Marketo stolen-data marketplace say they won’t cross.

They claim they don’t do ransomware — that they neither conduct the attacks, which encrypt victims’ data, nor benefit from data harvested in attacks by others.

“We don’t have the goal of destroying other people’s businesses,” the group told...

https://www.freightwaves.com/news/cyberthieves-say-they-have-moral-principles

Why a trucking company called a lawyer minutes after a ransomware attack

An illustration of a man in a burglar outfit running across 1s and 0s to illustrate data theft during a ransomware attack.

Earlier this year, Carrie Palmer got a panicked phone call from a client. The trucking company had gotten hit by a ransomware attack minutes earlier, and it wanted the South Carolina-based lawyer’s guidance on what its next steps should be. 

By Palmer’s account, it was a pretty typical attack. The hackers took the IT systems offline by encrypting data and left a note to begin the process of attempting to extort the carrier. The good news: The company had been well prepared with a plan of action,...

https://www.freightwaves.com/news/why-a-trucking-company-called-a-lawyer-minutes-after-a-ransomware-attack

Ransomware gang behind Utility, CSX attacks feels heat in Ukraine

Ukrainian and South Korean police at the home of an alleged member of the Clop ransomware gang.

Ukrainian police have dealt a serious blow to the ransomware gang behind the cyberattacks in the U.S. transportation and logistics sector — including the trailer maker Utility and rail operator CSX — arresting six alleged members of Clop and seizing cash, computers and cars.

The National Police of Ukraine said Wednesday it made the arrests as part of an operation with U.S. and South Korean law enforcement and Interpol. Beyond nabbing the alleged cybercriminals, police said they shut down the...

https://www.freightwaves.com/news/ransomware-gang-behind-utility-csx-attacks-feels-heat-in-ukraine

How does a ransomware attack work?

A sign pointing to Colonial Pipeline, which was targeted in a ransomware attack.

Imagine you’re sitting at a computer. Perhaps you’re managing a fleet of trucks. Or ships. Or perhaps tendering a load of cargo, or sending customs clearance documentation. And then suddenly, things stop working. Every file has a strange extension. You can’t open anything. Then you notice a text file. It kindly explains that you’ve been the victim of a ransomware attack.

Ransomware attacks are pretty straightforward at their core. They involve a piece of software called malware that encrypts...

https://www.freightwaves.com/news/how-does-a-ransomware-attack-work

US recovers ransom paid to Colonial Pipeline hackers

A gas station sign says "Out" because its tanks are empty. Amid the Colonial Pipeline Co. cyber attack and shutdown, the U.S. faces gasoline shortages and high gas prices.

The U.S. Department of Justice has seized $2.3 million worth of Bitcoin paid to the hackers behind the cyberattack that led to the shutdown of Colonial Pipeline in May, federal officials announced on Monday. 

The FBI recovered 63.7 bitcoins that had been paid to members of the DarkSide ransomware gang after a federal judge signed a seizure order. 

“Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all...

https://www.freightwaves.com/news/us-recovers-ransom-paid-to-colonial-pipeline-hackers

JBS cyberattack: Livestock haulers feel brunt of plant shutdowns

A truck transports live cattle to illustrate an article about the impacts of the JBS cyberattack on livestock haulers.

Truck driver Darwin Hershberger was preparing to transport cattle from Wyoming to Utah on Monday morning when the feedlot owner told him the load was canceled. The reason: a cyberattack on JBS, the largest meat processor in the world.

Hershberger and other truck drivers who specialize in hauling livestock have been feeling the brunt of the attack, which has disrupted operations at JBS facilities across the U.S. and Canada. The White House said it was a ransomware attack, likely by hackers in...

https://www.freightwaves.com/news/jbs-cyberattack-livestock-haulers-feel-brunt-of-plant-shutdowns

Data breach hits 44 big Canada Post shippers, exposing nearly 1M customers

A Canada Post truck viewed from the side.

Canada Post said on Wednesday that a cyberattack and data breach on an electronic data interchange (EDI) supplier has compromised information from 44 of its large parcel business customers, affecting nearly 1 million recipients. 

The attack on Ontario-based Commport Communications compromised the shipping manifest data of the customers. Canada Post, Canada’s government-run postal carrier, did not identify the customers. 

About 950,000 recipients were impacted by the breach, Canada Post said. The...

https://www.freightwaves.com/news/data-breach-hits-44-big-canada-post-shippers-exposing-nearly-1m-customers
