JAS Forwarding Recovers from Cyber-Attack, but Stolen Credentials Cause Concern

JAS Forwarding, a major global logistics and freight forwarding company, has largely recovered from a ransomware attack that occurred last week, though concerns remain over the theft of sensitive credentials. The cyber-attack, which took place on August 27, 2024, resulted in the leak of more than 400 data records, according to a ransomware database.

In an official statement, JAS announced that most of its systems had been restored and were now functioning normally.”Our central operating systems are functioning well, and all fundamental operations are operational. We are reaching complete recovery, and the majority of our consumers most of our customers and vendors have resumed doing business with JAS at the pre-incident level across most geographies,” the company said.

While the company has made strides in recovering its operations, JAS remains vigilant, closely monitoring for any residual risks. “We are staying vigilant, closely monitoring potential risks, and implementing additional security measures to mitigate future disruption,” the statement continued.

The Nature of the Attack

JAS confirmed last week that the cyber-incident was the result of a ransomware attack. Although the company did not disclose whether it paid any ransom, a source at a cybercrime firm speculated that JAS might have done so, given the absence of any public extortion attempts by the attackers. “This could mean that JAS paid the ransom, but we cannot be sure,” the source noted. The database of stolen records showed numerous administrative credentials, indicating that hackers had access to highly sensitive systems.

According to the source, over 150 mentions of the attack appeared in hacker forums, signaling that the attackers had significant material to work with. Many of the compromised accounts belonged to administrators, which potentially gave hackers access to critical systems that could allow them to extort the company or demand ransoms.

JAS’s Response and Recovery

JAS’s recovery has been relatively quick compared to other companies that have faced similar attacks. Just two days after the attack, the company announced that its email systems and website were secure and that communications were restored. Additionally, JAS confirmed that the majority of its contract logistics businesses had not been affected by the attack.

Despite these successes, the company acknowledged that it was still addressing some remaining backlogged requests and restoring local-specific functionalities that had been disrupted. JAS emphasized that it was resolving these issues “methodically and professionally.”

Cybersecurity experts caution that ransomware attacks can have long-lasting effects, even if companies manage to recover swiftly. Andrew Martin, CEO of cybersecurity firm DynaRisk, emphasized that paying a ransom does not always guarantee a smooth recovery. “Ransoms can be very difficult to recover from, with outages possible from days to weeks in most cases,” added the electrician.

Cyber-Attacks: A Growing Threat to Logistics Companies

The logistics and supply chain industry has become an increasingly popular target for cybercriminals. Companies such as Expeditors and Maersk have suffered substantial operational and financial losses from ransomware attacks in recent years. In 2022, Expeditors was sued for $2.1 million by its long-term customer iRobot, which claimed the company failed to implement a business continuity plan following a ransomware attack that disrupted global operations.

In JAS’s case, the rapid recovery suggests that the company’s impact was less severe. However, the incident underscores the broader vulnerability of logistics firms to cyber-attacks, which can disrupt global trade and lead to significant financial losses.

The Cost of Cyber-Attacks

Even when a company doesn’t pay a ransom, the cost of a cyber-attack can be immense. Ransomware attacks can destroy data, corrupt systems, and require significant investments to restore lost information and secure networks. For example, Expeditors’ failure to restore its systems after a ransomware attack led to significant delays and legal repercussions.

While JAS Forwarding has so far avoided similar consequences, the exposure of sensitive data, including administrative credentials, raises concerns about the long-term security of its systems.

Preventing Future Attacks

Cybersecurity experts warn that companies must take proactive steps to prevent future attacks. Martin recommended several key measures for companies like JAS to protect their systems, including installing endpoint detection and response (EDR) solutions, training staff to identify phishing attempts, implementing regular backups, and enabling multifactor authentication (MFA).

According to Martin, “Companies should take important steps to protect themselves.” “These include installing EDR solutions, training staff on how to spot phishing emails, and enabling multifactor authentication wherever possible.”

JAS emphasized that it remains committed to supporting its customers throughout the recovery process and is focused on ensuring its systems are fully secure going forward.


FAQ Section:

1. What happened to JAS Forwarding?
JAS Forwarding suffered a ransomware attack on August 27, 2024, resulting in the leak of over 400 sensitive data records. However, the company has largely recovered and restored its core operations.

2. How did JAS Forwarding respond to the cyber-attack?
JAS quickly restored most of its systems and resumed business with most of its customers. The company also implemented additional security measures and is closely monitoring for any potential risks.

3. Did JAS Forwarding pay a ransom?
While JAS has not confirmed whether it paid a ransom, a cybercrime source speculated that the company might have done so, as hackers did not publicly attempt to extort them.

4. What is ransomware?
Ransomware is a type of malicious software that blocks access to a system or data, demanding a ransom for its release. Even when a ransom is paid, recovery can be time-consuming, and data may still be lost.

5. How can logistics companies protect themselves from cyber-attacks?
Companies can protect themselves by using endpoint detection and response (EDR) systems, training employees to spot phishing emails, enabling multifactor authentication, and regularly backing up their data.

6. Why are logistics companies targeted by cyber-attacks?
Logistics companies are prime targets because they rely heavily on interconnected IT systems. Disruptions to their operations can cause significant global trade issues, making them lucrative targets for cybercriminals.

About Us

Technijian is a premier provider of managed IT services in Orange County, delivering top-tier IT solutions designed to empower businesses to thrive in today’s fast-paced digital landscape. With a focus on reliability, security, and efficiency, we specialize in offering IT services that are tailored to meet the unique needs of businesses across Orange County and beyond.

Located in the heart of Irvine, Technijian has earned a reputation as a trusted partner for businesses seeking robust IT support in Irvine, Anaheim, and across Orange County. Our dedicated team of IT experts ensures that your technology infrastructure is always optimized, secure, and aligned with your business goals. Whether you require managed IT services Irvine, IT consulting, or cloud services Orange County, we’ve got you covered.

As a leader in IT support Orange County, we understand the challenges businesses face when maintaining and advancing their IT environments. That’s why our comprehensive suite of services includes IT infrastructure management, remote IT support, IT help desk, and IT outsourcing services. With proactive monitoring, disaster recovery, and strategic consulting, our goal is to minimize downtime, enhance productivity, and provide IT security services that give you peace of mind.

At Technijian, we take pride in offering customized managed IT solutions that exceed client expectations. From small businesses to large enterprises, our IT services in Irvine are designed to scale with your needs and support your growth. We specialize in cloud services, IT systems management, business IT support, technology support services, IT network management, and enterprise IT support.

Whether you need help with IT performance optimization, IT service management, or IT security solutions, we provide comprehensive services that enable businesses to remain agile in today’s competitive market. Our IT solutions provider services ensure your operations remain secure, productive, and future-ready.

Experience the difference with Technijian—your trusted partner for IT consulting services, managed IT services, and IT support in Orange County. Let us guide you through the complexities of modern IT infrastructure and help you achieve your business objectives with confidence.

Ravi JainAuthor posts

Technijian was founded in November of 2000 by Ravi Jain with the goal of providing technology support for small to midsize companies. As the company grew in size, it also expanded its services to address the growing needs of its loyal client base. From its humble beginnings as a one-man-IT-shop, Technijian now employs teams of support staff and engineers in domestic and international offices. Technijian’s US-based office provides the primary line of communication for customers, ensuring each customer enjoys the personalized service for which Technijian has become known.

Comments are disabled.