Microlise battling Halloween cyber attack which disrupted DHL store deliveries for NISA

In a statement to its retailers NISA revealed that the cyber attack - which happened in the early hours of Halloween on 31 October - led to the complete wiping of servers dedicated to the tracking system used by DHL to make NISA store deliveries. 

Microlise supplies the delivery tracking system to DHL. It is unclear if other DHL customers have been affected by the cyber attack.

Microlise and DHL moved swiftly to eliminate any disruptions to NISA retailers, reporting on the same day of the attack that deliveries had resumed as scheduled with an interim system  providing delivery updates every 15 minutes.

DHL drivers were also tasked with communicating any unrelated delays to retailers via DHL’s customer service teams, in the absence of the live tracking tools.

A Microlise spokesperson told MT: “As confirmed late last week, Microlise has been impacted by a cyber incident, affecting part of the systems and services we provide.

“Some of our systems have now been restored and we are continuing to safely and securely complete restoration across all affected systems, in line with expert guidance and security protocols we have in place.

“Throughout this process, our internal incident response team has been working closely with external cybersecurity experts to resolve this incident.

“Our absolute focus is on minimising disruption and quickly resuming services for our customers.

“We are keeping customers and relevant stakeholders closely updated on progress, as we work hard towards full system restoration.

“The safety and security of customer data and business operations is always our top priority, and we are taking this matter very seriously.

“We’d like to thank our customers for their patience and understanding during this time.”

DHL said it is working with customers that have been impacted by the cyber attack but did not specify which customers had been affected.

A spokesperson said: “DHL Supply Chain UK is aware of a downtime incident impacting Microlise, a third-party supplier which we use.

“We can confirm this incident has not affected DHL-owned systems.

“However, as a precaution we have implemented our appropriate safeguarding measures.

“We are working to resolve the situation and have implemented contingencies to ensure that service levels are maintained for those customers who may be potentially impacted.

The spokesperson added: “The incident has no relation to or impact on any other operations of DHL Group, including DHL Express, DHL eCommerce or DHL Global Forwarding.

 “We are in direct communication with the supplier and will communicate any further updates as necessary.

Cyber security experts said this week that supply chains are particularly vulnerable to this sort of attack.

Elaine McKechnie, cyber security head at consultancy i-confidential, said: “This is a worrying incident against Microlise which seems to have impacted multiple organisations using their technology.

 “This once again demonstrates the volatility of digital supply chains.

Turning to the impact on Microlise’s clients, McKechnie said: “What is also interesting about this, is that it’s not Microlise themselves who centre in the spotlight of the news.

 “It’s mostly the companies who use their product, eg DHL and NISA Local, who have been named as the impacted parties who are now bearing the brunt of the reputational damage relating to the cyber incident. 

“This is a timely reminder that the consequences of supply chain attacks can be just as devastating as those targeting an organisation’s own infrastructure, so they must take steps to improve third party resilience as part of their cyber security strategies.”

Sigma Cyber Security said the logistics sector needs to increase its cyber security levels. In a statement the company said: “This incident is not an isolated one for DHL, as a previous breach in June 2023 targeted employees through its technology provider, Zellis.

“The recurrence of cyber attacks on crucial logistics and delivery infrastructure underscores the pressing need for enhanced cybersecurity measures across the industry.

The company added that increasing cyber attacks signal the urgent need for logistics and delivery companies to fortify their cybersecurity defences.

“Robust security protocols, continuous staff training, and timely system updates are crucial to combat evolving threats. Collaboration with technology partners is essential to address vulnerabilities and safeguard operational integrity.

“The cyber attack on NISA and DHL serves as a stark reminder of the digital risks facing modern businesses.

“As organisations navigate the complex realm of cybersecurity, vigilance, preparedness, and swift action are imperative to safeguard operations and uphold customer trust.”