TNT cyber-attack crippling small firms, says FSB

By Bill Wilson
Business reporter, BBC News

  • Published
TNT logo at its Dutch headquartersImage source, AFP

Small firms are being "crippled" by the continuing impact of last month's NotPetya cyber attack on Dutch delivery firm TNT, a business group has warned.

The Federation of Small Businesses (FSB) says it has "serious concerns" over the effects of the 28 June attack.

"[It] has been debilitating for some small firms who remain in the dark over when, and if, they can expect their goods to be delivered," the FSB said.

A TNT website message reads: "We regret any inconvenience to our customers."

It adds: "We are implementing remediation steps as quickly as possible to support customers who experience limited interruption in pick-up and delivery operations and tracking systems access."

However, the FedEx-owned firm did not wish to comment directly on the FSB's comments.

'Software compromised'

Mike Cherry, the FSB's national chairman, said continuing disruption could threaten the survival of its members.

"Small business customers need accurate, clear and frequent updates from TNT to help them with their own contingency planning and a commitment to provide redress to those small businesses who have lost out," he said.

"This is a stark reminder of the danger posed by cyber-crime and how it can strike down smaller businesses indirectly, having a much wider impact on the economy.

"It serves as a major wake-up call on the need to tackle and prevent the growing threat of cyber-crime right across the business community."

FedEx has already warned the US stock exchange that the cyber attack will have a "material" financial effect on the company, given that it did "not have cyber or other insurance in place that covers this attack".

A message posted on FedEx's US website adds: "TNT operates in Ukraine and uses the software that was compromised, which allowed the virus to infiltrate TNT systems and encrypt its data.

"While TNT operations and communications were significantly affected, no data breach or data loss to third parties is known to have occurred."