The SDEK “technical failure” began on Sunday.
Photo: Shutterstock.
The “technical failure” began on Sunday. Employees at the order pick-up points were unable to log in to the company’s information system. And a little later, the company’s website and mobile app disappeared completely.
“We have temporarily suspended the issuance and acceptance of shipments to avoid errors during manual processing,” the company explained.
As it turned out, the cause of the technical failure was an encryption virus. The hacker group Head Mare admitted to having successfully attacked a Russian company on the social network X (formerly Twitter).
A KEY IS NEEDED TO DECORATE
– The intention of such an attack can be very different: from personal revenge to extortion and political opinions. It is difficult to say what the reason is in a particular case. It is quite possible that politics is involved here, because the Head Mare group is considered pro-Ukrainian. Typically, the goal of hackers in these cases is not money, but a big scandal that they try to create with their attack, one of the experts in the field of information security, who preferred to remain in the field, explained to KP.RU. anonymity.
According to him, encryption viruses are malicious programs that encrypt company data. And without a key that only hackers know, it is impossible to access the data. The company’s work is completely blocked.
“For known encryption viruses, there are special decryption programs, and if the virus is new, it will be necessary to restore data using backups,” says the KP.RU expert.
– Typically, attackers demand a ransom. And when they receive it, they give the key to the company. But they may not reveal it. They will just take the money and laugh again,” says another information security expert.
At the same time, it is unlikely that the company will be able to crack the code on its own. Especially if it was done not by beginners, but by professionals. And only they could hack a company as big as SDEK. Although…
– If I remember correctly, the SDEK company has been hacked for the third time. Previously, hacks were accompanied by the leak of personal data, but now the service is completely out of order. Judging by reports, the archived versions have not been updated for about six months,” Igor Bederov, general director of the Internet search company, told Komsomolskaya Pravda radio.
According to the expert, the company’s information security was at a fairly low level. And it was attacked by hackers not because it was specifically targeted, but because the hackers found a “hole”.
– There is no system here. Thieves passively scan the network. They don’t care what to scan. These can be websites of large companies, government agencies and online stores. As soon as they discover a vulnerability, they take advantage of this opportunity. And they start the attack and then how it develops,” explains Igor Bederov.
HOW THE HACKERS GOT THERE
– It can enter computer systems in different ways: from links in emails to malicious attachments in the form of files, documents, etc. For example, 90% of ransomware attacks arrive through phishing emails such as “Photos from a corporate event.” An employee opening a work email file is enough to launch a virus into the system, explains an information security expert.
That’s why, for example, banks and federal authorities strictly prohibit the use of personal email on work computers.
WHAT HAPPENS TO THE PACKAGES
Nothing bad can happen with physical packages. This is not a fire in a warehouse, but simply a failure in the information system. Packages are found in warehouses, on trucks or at order delivery points.
– Packages don’t go anywhere. They have barcodes and sender/recipient information. It will only be necessary to process them manually, says Igor Bederov.
Apparently, SDEK has already solved the problem in one way or another. At least, if before the company limited itself to vague comments, details appeared on Tuesday.
– SDEK collection points will resume delivering parcels no later than tomorrow, May 29. “We are working to fully resume service, but we have also prepared backup plans,” said Misha Berggren, SDEK communications director.
ASK FROM THE EDGE
Is it possible to demand something?
It all depends on how the hacker attack is resolved and whether there will be losses for customers. But the deadline is quite short, so it is unlikely that anything will be demanded.
– For such an important professional player in the market, taking care of one’s own information security is an important expense, but it must be there. However, in Russia large payments are not made in case of delayed goods. Yes, there are sanctions or fines for delays in loading, but in this case the deadline is short enough to say that the court can side with the plaintiff,” said lawyer Andrei Nekrasov, director of the public organization “Consumer Rights.” . Komsomolskaya Pravda radio.
According to him, if the situation has not caused any serious harm to the client, the court will limit itself to imposing a small fine. And if the collection points open on Wednesday and the company resumes work, it is unlikely that any of the customers will go to court.
HELP “KP”
The company SDEK stands for “Express Courier Delivery Service”. It was founded in 2000. The main business is located in Russia. Here it has more than 3.8 thousand delivery points. In addition, around 500 points are located abroad, in 31 countries, including Europe.
