FedEx overcomes malware which shut-down auto plants, hospitals

Quimby Mug Bayou Florida Headshot

FedEx reported this morning that it’s back to business as usual following its battle with a global malware attack that shut down auto manufacturing plants and hospitals.

FedEx would not discuss the impact of the Windows-based ransomware called “WanaCrypt0r 2.0” or “WannaCry Ransomware,” nor would it offer details on how it overcame the virus which has largely attacked systems in Europe and Asia. Some networks in North America, such as FedEx, have also been impacted.

“FedEx has resumed normal operations and systems are performing as designed,” FedEx wrote in a statement to Hard Working Trucks. “As always, customers can visit or call FedEx Customer Service to check the status of their shipments.”

FedEx reported on Friday that it had been affected by the malware attack which exploits a weakness in Microsoft Windows. Experts warn that systems that do not undergo regular Windows updates are most vulnerable to the virus.

A 22-year-old cyber security researcher in the United Kingdom is credited with ‘accidently’ discovering a way of slowing down the corrupt software, which shut-down hundreds of hospitals and clinics in the U.K., Reuters reported.

To help stop the virus from spreading, Renault closed its factories in France and Romania on Friday. Nearly all sites resumed operation today, according to Reuters. German rail company Deutsche Bahn was also affected. Its scheduling screens displayed in rail stations for commuters were covered by ransomware messages (see below).

A Nissan manufacturing plant in Sunderland, England which had also temporarily shut-down operations is back up and running today. Renault and Nissan appear to be the only auto manufacturers effected by the virus.

Reports indicate the cyber attack has affected more than 200,000 organizations in about 150 countries. The attackers hijack organizations’ files and demand ransom money, in the form of Bitcoin, to release the files. Experts and authorities have told users, if hit, to not pay the attackers’ ransom.

Attackers target users via an email phishing scam, according to the U.S. Computer Emergency Readiness Team. The email will include a link. Once clicked, it takes encrypts users’ hard drivers, blocking them from accessing it and any files it contains.

The virus reportedly came from a hacking tool stolen from the U.S. National Security Agency. Microsoft blamed the U.S. government Sunday for not being guarded enough with software weaknesses, including those in Windows, which have been stored in U.S. government data bases that hackers have accessed and offered up for sale.

“This is an emerging pattern in 2017,” Microsoft President Brad Smith wrote in a blog post. “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.”

Note: James Jaillet, news editor for HWT’s sister publications CCJ and Overdrive, contributed to this report.