Yusen – ‘Cyberattack meant we couldn’t pay our staff…’

Speaking during a panel discussion at the Microlise Transport Conference in Coventry, Daniel Brind, head of IT security at Yusen Logistics Europe said: “I can’t underestimate the impact that a major cyberattack has on the reputation of the organisation and the people who work for it. The time and commitment in overcoming the incident is all-consuming and very difficult to deal with.”

Yusen’s business was hit in September 2023 but restored operations across a three-month window. At least one major customer was seriously impacted. Other recent attacks have hit operations at Owens Group and supply chain management giant Blue Yonder. 

“What also caught me by surprise was the immediacy of the event,” Brind told delegates. “We had an organisation operating perfectly well one minute and then all of a sudden it’s changed forever.”

He added that prior to the attack the company hadn’t considered the effect the attack might have on its employees: “We didn’t forsee the importance of being able to pay employees if all the IT systems were offliine for any period of time,” he admitted. “If you experience a cyber incident you are fully reliant on the people in the organisation to put in the time and effort to bring it back to life. If those same people can’t pay their mortgage, pay their rent or feed their families then it’s a whole new experience. If your IT systems went down tomorrow could you still run payroll later in the month and keep the people in the organisation in work?”

Brind warned that the cyber gangs targeting the road transport sector are “highly organised, very capable and very clever” in the way they operate: “They’re not going to launch an attack between 9-5 when your IT people are ready to respond,” he said. “It’ll be on a Sunday, in the middle of the night, or on Christmas Day when nobody is looking at the systems and able to respond.”

He added that the attack had been “a chilling experience” and that preparedness was key to managing any threat. “We sat down as an organisation afterwards and asked what practical things we could learn and what we wish we’d known in advance,” he said. “It’s vital to put that pre-work in and to be prepared.”

Conference host Microlise was itself subject to a cyberattack last October, causing a security breach that impacted many customers. The incident disrupted DHL’s store deliveries for retailer NISA, leading to the complete wiping of servers dedicated to the tracking system used by DHL.

Nadeem Raza, chief executive of the tech solutions firm, said it had carried out testing exercises and drills prior to the attack but that “going through the event in real life is very different”.

“There are so many things we’ve learnt,” he admitted. “One thing worth sharing is that you often think in these exercises that the critical systems are the warehouse operations etc. But actually, you’ve also probably got what you think are minor systems, like some label printing going on, that’s critical to getting stuff out the door. And it’s probably been running perfectly fine on a PC for the last 10 years and suddenly it’s not working. Do you know who set it up? Have you got a copy of the software? So it’s a critical component you didn’t realise was critical. You don’t include it in your exercise because you don’t think it’s critical. You learn from that because suddenly you don’t have it.”

Asked what simple steps operators could take to further protect themselves from cyber threats, Brind urged operators to work collaboratively: “The simple answer is to take it seriously and plan effectively in case an incident occurs,” he said. “We work in a low margin, highly competitive industry and the idea that our organisations are going to have enormous cyber budgets and have all those controls in place is unrealistic. So for me, the best way we can overcome it is to work collectively and use our resources together to raise our collective ability to respond to a cyber threat. We’re not in competition here; we’re dealing with a criminal attack so the more we can work together and share information the better chance we have of getting through it.”