FedEx targeted in cyber attack as hackers hit companies across globe

Memphis-based FedEx said Friday it was taking steps to recover from a cyber attack on some of its Windows-based information technology systems.

FedEx was one of numerous companies around the world that were reportedly hit by a worldwide ransomware campaign.

FedEx spokesman Jim McCluskey released the following company statement: “Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware. We are implementing remediation steps as quickly as possible. We regret any inconvenience to our customers.”

More:Massive, fast-moving cyberattack hits as many as 74 countries

The BBC said computers in thousands of places in up to 74 countries had apparently been locked by a program that demands payment in an online currency called Bitcoin.

It wasn't immediately clear what impact the attack might have on FedEx's global pickup and delivery network and deliveries scheduled for the next few days.

McCluskey said the company was investigating whether the attack was part of a global campaign using ransomware known as WannaCry.

McCluskey said it was too early to tell whether it would lead to a service alert about potential shipment delays.

FedEx employees in Memphis received a text notification: “Virus spreading through FedEx with ransomware threat. Could be US wide. I would recommend you turn off your computer if it’s windows just in case.”

Related: Cyber-attacker 'bombs' Memphis medical records, seeks ransom

Some employees were told company systems globally were affected and that non-critical systems and PCs were to remain turned off until further notice from management.

FedEx founder Frederick W. Smith has long espoused the belief that the information about a package is as important as the package itself.

“He said it 25 years ago,” said Satish Jindel, a former FedEx insider who is president of SJ Consulting and ShipMatrix, which tracks the shipping industry’s performance.

“The industry is very heavily dependent on relying on good information to send the packages to the right address, to achieve the right productivity,” Jindel said.

“Information technology is so critical to the movement of packages. At one time it was for customer information, to give visibility into where a package is. More and more, without good information, the packages won’t even move through the system,” Jindel said.

The attack came about 10 days after an IT disruption at the FedEx Express world hub at Memphis International Airport resulted in a warning about shipment delays.

Read More: Memphis hub IT outage could slow FedEx shipments

Ransomware is a cyber attack in which hackers take control of a company’s data, encrypt it so the company can’t access it, then hold it hostage until the company pays for a code to unlock the data.

Cyber security expert Randell Casey said what’s unusual about the WannaCry campaign is the targeting of large companies that have resources to protect against and recover from such attacks.

“Usually the bad actors are looking for low-hanging fruit. The larger enterprises above $1 billion aren’t the targets as much because they have the money to spend on the techniques and practices to remediate and stop the attacks,” said Casey, chief executive of Austin-based CyberDefenses Inc.

“It is a little surprising that a larger enterprise was hit, rather than the traditional doctor’s, dentist’s, lawyer’s offices. A sole proprietor, they spend very little on infrastructure protection, so they become highly susceptible,” Casey said.

Reach reporter Wayne Risher at 901-529-2874 or wayne.risher@commercialappeal.com.