Getting stuff from A to B has never been more important or more in the public eye. And with the challenges of the pandemic, Brexit and spiking fuel costs, logistics companies are coming under increasing pressure around delivering on time and at low cost. Unfortunately, cyber criminals don’t care about that and if logistics companies are not prepared they could easily fall victim to a DDoS cyber-attack. Read on and we’ll show you what is happening now in the cyberverse and how you can protect yourself against the DDoS criminals.

,So, what is a DDoS attack?

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, website, or network by overwhelming it with a flood of Internet traffic.

DDoS attacks frequently come from multiple sources to make their identification more difficult. It can also hinder the victim organization’s attempts to stop the DDoS.

In lay terms it’s like an unexpected traffic jam clogging up the highway, preventing regular traffic from arriving at its destination.

DDoS normally present themselves, as you would expect, by a slowing or crashing of a company’s network or website. Which costs you time, reputation and money and potentially drives your customers to competitors websites.

I thought it was all about Ransomware now, so what is the Mitel Attack?

In mid-February 2022, security researchers, network operators, and security vendors observed a spike in DDoS attacks targeting internet service providers, financial institutions, logistics companies, and a variety of organizations in other markets. Some organisations are still experiencing issues now.

The attacks could be traced back to hardware components that were part of Mitel’s MiCollab and MiVoice Business Express products, an advanced business telephone system. About 2,600 of these systems were configured in a way that allowed malicious actors to abuse them to launch DDoS attacks against other networks over the internet. The attack is remarkable with regard to its amplification potential, which dwarfs that of all previously known DDoS attacks. Previously, the largest known amplifier was able to increase attack traffic by a factor of 51,000. This attack raises that to over 4 billion — for one single attack initiation packet sent to the victim server.

For those without protection, this attack (and many other DDoS attacks) can cause severe damage and business interruption by rendering systems and applications unreachable and unusable for long periods of time. The good news is that despite its record-breaking amplification efficiency, the risk from this exploit is low for companies that have solid DDoS protection measures in place.

These attacks were often conducted by activist groups, but they are now just as likely to a tactic of more conventional cyber criminals. And like all businesses, if the internet gateway is down, prospective customers may simply look elsewhere to get what they need.

If a cyber-criminal can disrupt a company network by way of a DDoS attack, they can shut the entire operation down until they receive payment to put the system back up again. For logistics firms the loss of revenue that could result from operations being down for even a brief period makes paying the ransom potentially worth it. There is also the reputational damage that stems from such attacks.

Finally, remember ‘Small is not safe.’ A survey by PWC found that 40% of logistics companies have significant issues around data assurance and cyber security - and the number of cyber-attacks is continuing to rise throughout 2021 and 2022.

Can you protect yourself from these attacks?

DDoS attacks are notoriously difficult to prevent. The attackers don’t necessarily need internal access to the network as the attack is from the outside. They are increasing in complexity and sophistication meaning that defense against these dark arts needs continual review. But the key points for protection to remember are:-

1. Know your network's traffic. A free tool that we can recommend here is Police CyberAlarm | The Eastern Cyber Resilience Centre (ecrcentre.co.uk)
2. Create a Denial-of-Service Response Plan within your incident response plan Tools | Eastern CRC (ecrcentre.co.uk) – one of the areas covered within the Cyber Essential (CE) Program
3. Make your network resilient and practice good cyber hygiene – using CE principles
4. Scale up your bandwidth. The greater the bandwidth the more effort a DDoS attacker will have to make to crash your site. Moving your operation to the cloud may help.
5. Take advantage of anti-DDoS hardware and software. Speak to your Managed Service Provider (MSP) if you have one.
6. Make sure all staff know the symptoms of an attack and respond quickly to it using your plan.

What next?

The impact of a successful attack against your website or network can be catastrophic and lead to website downtime, loss of business and loss of reputation. In the worst cases it can lead to the closure of the business altogether. But all is not lost.

So, what can I do?

Here at the centre, we would advise you to do three things now:-

1. Join our free core membership by clicking through to https://www.ecrcentre.co.uk/core-membership-sign-up. You will be supported through implementing the changes you need to make to protect your business and your customers.
2. For small and medium sized businesses in the Eastern region we would recommend that you look at improving you overall cyber resilience through the free Little Steps pathway we provide to Cyber Essentials – the basic government backed kite mark standard for cyber security. https://www.ecrcentre.co.uk/what-is-cyber-essentials. Join the centre as a free member and we will take you as far as the CE accreditation process. And if you want to pay for the assessment, we can refer you one of our Trusted Partners – all regionally based cyber security companies that can help you become accredited.
3. We would also recommend that you speak to your Managed Service Provider and / or website company to discuss how they can implement cyber resilience measures on your behalf.

And remember that a company operating under Cyber Essentials processes is 99% protected either fully or partially from today’s common cyber-attacks.

Reporting Cyber Crime

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad). s common cyber-attacks.