(An article about the subsequent return of Forward Air’s systems can be found here.)
An updated statement from Forward Air about the collapse of its technology systems adds three key words that all but confirm the company is a victim of a cyberattack.
The statement, released by the ground and air carrier company Friday, said it had “notified law enforcement” about the “security incident.” A statement released Wednesday did not mention law enforcement. The rest of the statement released Friday was otherwise identical to the statement from earlier in the week.
The apparent cyberattack on Forward Air has been so extensive that its website is down. A Forward Air customer told FreightWaves that his customer service representative that Forward Air employees were told to shut down their computers to help slow the attack.
While Forward Air has not used terms like “ransomware” or “cyberattack” in its statements, outside experts on those issues said the Forward Air incident had all the hallmarks of such an occurrence. David Jarmon, a vice president at cybersecurity firm Gray Analytics and former Department of Defense official, told FreightWaves this week that based on the small amount of information Forward Air had released, it was likely that it was “targeted in a cyberattack, likely involving malware infecting its systems, which brings ransomware into consideration.”
The shutdown of much of Forward Air’s operations has had no discernible effect on the company’s stock price. Shares in Forward Air were up four consecutive days this past week, with a Friday gain of 0.86% to $78.20. That’s only 75 cents less than the company’s 52-week high.
Beyond the reference to law enforcement, the Forward Air statement repeated several key points: It “detected” the incident on Tuesday; third-party experts were brought in; and the technology team at Forward Air is “working diligently to restore the affected systems and services and bring them back online as soon as possible.”