The truck-maker noted in a filing on Monday that it immediately launched an investigation upon learning about the possible threat and took action in accordance with its cybersecurity response plan, including “employing containment protocols to mitigate the impact of the potential threat, engaging internal and third-party information technology security and forensics experts to assess any impact on the Company’s IT System, and utilizing additional security measures to help safeguard the integrity of its IT System’s infrastructure and data.”
“To date, the company’s IT system remains fully operational,” Navistar said. “Law enforcement is aware of the cybersecurity incident.”
Navistar is the latest business to be targeted by a cyberattack in recent weeks, following similar attacks against the world’s largest meat producer, JBS; the Massachusetts Steamship Authority; and the Colonial Pipeline, a 5,500-mile system that transports 100 million gallons of gasoline, diesel, jet fuel and heating oil per day, or roughly 45% of fuel consumed across the East Coast, between the Gulf Coast and New York metro area.
The attacks on JBS and the Colonial Pipeline have both been attributed to Russia-based ransomware groups.
President Biden recently signed an executive order to beef up the United States’ cybersecurity defenses. The order requires federal agencies to use basic measures, including multi-factor authentication and requires new security standards for software makers that contract with the federal government.
The Biden administration says it is also “looking at all options” to defend the country against ransomware criminals, including possible military action.
“We’re not taking anything off the table as we think about possible repercussions, consequences or retaliation,” Commerce Secretary Gina Raimondo said, according to Reuters.
She added that the topic will be on the agenda when the president meets with Russian President Vladimir Putin this month.
The White House is encouraging companies to follow the “five best practices” from Biden’s executive order, including multi-factor authentication; endpoint detection and response, to hunt for malicious activity on a network and block it; encryption, so that if data is stolen, it is unusable; and a skilled, empowered security team to patch rapidly, and share and incorporate threat information. Companies should also back up their data, system images and configurations, regularly test them, and keep the backups offline.
In addition, U.S. officials are asking private companies to be more vigilant and transparent about attacks and to stop paying the ransom fees.
FOX Business’ Brooke Singman contributed to this report