The Pennsylvania trucking firm A. Duie Pyle was hit with a ransomware attack over the weekend and even though the majority of its online communications capabilities were knocked offline, the company made sure to post updates for customers on its homepage.
The company reported on June 17 that a ransomware attack had impacted its network communication systems, but assured customers that its core operating systems, brokerage services and backups were not invaded or compromised, and that no data was extracted from these systems. The company was able to remain functioning by using its customer service number to take orders.
“While all businesses in our country are at risk for these type of attacks, and our turn came this weekend, we are very proud of our Pyle Team’s around-the-clock response to this intrusion,” the company said.
The company’s response to having its business severely impacted by a cyberattack came in marked contrast to how aerospace manufacturer ASCO Industries reacted when it was hit with a ransomware attack. Although the attack was confirmed through other sources, ASCO waited almost a week to go public.
Stuart Reed, VP at Nominet, told SC Media concerning ASCO’s situation that some level of silence is understandable during the early stages of the investigation, but noted that communication is important as the recovery process proceeds.
“Communication… is a critical part of any incident response plan. As such, organizations should ensure that after the initial assessment is complete, active engagement with stakeholders and, crucially, any victims of the attack takes place promptly to minimize the impact of a breach. Timely and informative communications can go a long way in repairing trust with customers and preserving brand equity,” he said.
By the afternoon of June 17 the company posted that all Pyle LTL, Dedicated, Warehousing and Brokerage Services were up and running and its delivery trucks were out handling business as usual, and gave an update on bringing its systems back online.
“We hope to restore external email communications later today, but as noted below, we are activating these communication systems in a very purposed and measured process in conjunction with our cybersecurity expert partner,” the company said.
The company turned out to be overly optimistic about its email recovery, as evidenced by a June 18 post noting that email was still down But the firm’s Driver handheld mobile data communication systems were brought back, enabling a number of operations to restart, including timestamping deliveries and pickups, and transmitting shipment pickup bills of lading directly from drivers to its billing centers on a real-time basis.
Later on June 18, Pyle highlighted the positives, noting additional services were brought back, like electronic data interchange services. But the company did not shy away from pointing out that email was still not restored, nor was the ability to transmit document images of bills of lading or delivery receipts.
The messages continued on June 19, noting the reactivation of API pickup request and shipment tracking connectivity.