Chicago-based transportation technology firm Rand McNally is working on restoring network functionality following a cyberattack that hit its systems earlier this week.
Rand McNally is an American company founded in 1856 that provides leading route mileage optimization and fleet management software to carriers, shipping companies, and third-party logistics providers.
Some systems taken offline following the attack
“We recently discovered a disruption to certain portions of our computer network,” the company said in a Facebook post on Tuesday. “We commenced an immediate investigation that included taking certain systems offline and working with computer forensic specialists to determine the nature and scope of the event.
“We are working diligently to restore the functionality of our systems. We appreciate your patience and understanding and apologize for any inconvenience.”
In a separate notification sent to customers on Tuesday, Rand McNally said that no indication of customer data being affected in the cyberattack.
Rand McNally was not able to provide a recovery timeline or an estimation of how long it will take to restore network functionality.
Also, starting Tuesday morning, the company’s main website and the fleet site went down to be brought up with limited functionality the next day.
Right now, Rand McNally’s sites are displaying disruption notices saying that “we’re upgrading our systems now and will be back up soon.”
Customers can request help with Fleet products (TND 760/765, HD100, DC 200, DC 210) here and with GPS and other Electronics (TNDs, OverDryves, Tablets, Headsets) here via chat support.
Earlier today, Rand McNally sent a new email notification to users of its electronic logging devices (ELDs) saying that the cyberattack affected only its hosted and network systems.
“The navigation functionality of our GPS devices is not impacted — those devices continue to work as do other consumer electronics,” the company added.
“Please also note that are experiencing significant shipping delays for orders made through our online store.”
During the response and recovery process, we are mindful of the ever-increasing level of sophistication of these incidents. We engaged experienced professional consultants to guide our efforts, and we are taking deliberate care to evaluate any risks. We have taken significant steps forward toward restoration and continue to investigate for more insight into the incident and how to prevent future disruption. – Rand McNally
DriverConnect ELD platform down
However, in a statement shared with Land Line, a Rand McNally spokesperson said that the company’s ELD platform was down and suggested the use of paper-based logging until the affected systems are restored.
ELD devices are electronic logbooks all drivers have to use to prevent them from driving more hours than they are allowed by law.https://googleads.g.doubleclick.net/pagead/ads?guci=2.2.0.0.2.2.0.0&client=ca-pub-3622156405313063&output=html&h=280&slotname=21d0955.1e1f454&adk=2434429033&adf=4286586151&pi=t.ma~as.21d0955.1e1f454&w=336&lmt=1606414405&psa=1&format=336×280&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftruck-routing-provider-rand-mcnally-hit-by-cyberattack%2F%3F%26web_view%3Dtrue&flash=0&wgl=1&adsid=ChEIgOSC_gUQ8_CmxtPT3YXKARJMAKhvVQs1Kyc6LK6hTujv1u-g6H4XoxO46iZNIQdijvD3fjYTXYwf0XTSaYi_jtT5bHtKQ71ctuMdAgmD-ViG6kVdXhAgYjXBOlYKJg&uach=WyJXaW5kb3dzIiwiMTAuMCIsIng4NiIsIiIsIjg2LjAuNDI0MC4xOTgiLFtdXQ..&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606494145429&bpp=7&bdt=36450&idt=8&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2cf5435d293f309b%3AT%3D1606494112%3AS%3DALNI_MZ0gUE6nEh3XTK7X5KIyRFWJCKBUQ&prev_fmts=0x0%2C1349x568%2C834x500&nras=2&correlator=1916357397042&frm=20&pv=2&ga_vid=1698274668.1606030711&ga_sid=1606494111&ga_hid=1617075878&ga_fc=0&iag=0&icsg=1495481842794496&dssz=70&mdo=0&mso=4362338464&u_tz=330&u_his=1&u_java=0&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_nplug=3&u_nmime=4&adx=90&ady=3432&biw=1349&bih=568&scr_x=0&scr_y=2932&oid=3&pvsid=620467377742729&pem=736&ref=https%3A%2F%2Fcyware.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1366%2C0%2C1366%2C728%2C1366%2C568&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=12&uci=a!c&fsb=1&xpc=rDvCAtTD4b&p=https%3A//www.bleepingcomputer.com&dtd=20
“[T]he network that supports our DriverConnect ELD platform is not working,” the spokesperson said. “As per FMCSA rules, we are instructing fleets and drivers to use paper-based logging until we can restore our systems.”
“We assure you that we are focusing our resources on restoring the functionality of our network to resume delivery of our full range of services.”
Although Rand McNally made no official statement regarding this, the cyberattack currently affecting its systems shows all the signs of a ransomware attack starting with large scale operational disruption and the ongoing efforts toward network restoration.
BleepingComputer has reached out to Rand McNally for additional info regarding the attack but had not heard back at the time of this publication.