MELBOURNE, Que. — Last spring, RPM Transit, a family business in Melbourne in the Eastern Townships with 36 tractors, was the victim of hacking.

Half of the employees, incidentally, were undergoing cyber security training when we spoke to president Kevin Faucher for this article. 

It was in early March, a week before the declaration of a pandemic state and the ensuing lockdown.

The entire company computer system was attacked. “One good morning, everything was encrypted. Absolutely nothing was working, the satellite system, the data, the billing,” recalls Kevin Faucher.

RPM Transit operates almost paperless. General data backups were kept at a software vendor, but recent documents like proof of delivery, bills of lading and Customs documents were completely lost.

“We had to start from scratch. We did not know which truck this cargo was in, whether that truck had left. We didn’t know anything,” Faucher says.

Fortunately, the data from ELDs, which are outsourced to the supplier, was not affected.

The hacker demanded a ransom of a few thousand dollars, payable in bitcoin. A significant sum, but less than what it cost in time and money to strengthen the system.

But the company struggled with the idea of paying the ransom.

“Every specialist I spoke to told me not to pay. First, it would encourage the hacker to reoffend. And there is also that, generally, even after the ransom has been paid, the hacker does not take the risk of communicating with his victim again to decrypt the files,” Faucher said.

RPM Transit rebuilt its system from a single laptop computer that contained data that was not up to date, but still allowed shipping documents to be recreated. Then a second laptop was added in the rebuilding process. “Twenty people worked with two laptops. It was not a good time for us,” says Faucher.

All computer towers have been reformatted to ensure that no viruses or malware are hiding. Three outside IT people worked full-time to get things right, in addition to the RPM Transit staff.

“Good customers have told us that they weren’t billed for this or that. Thanks to them and our employees, we were able to make up a lot of what had been taken from us, but we lost a lot of time and work in the weeks following the attack. And then Covid-19 came through – above all that,” says Faucher.

Prior to the cyber attack, RPM Transit did not have a full-time IT specialist on staff. This has changed. “Our licences were all renewed, we made updates and we hired one of the full-time IT consultants who worked on this case with us.”

Faucher’s advice: “Even if you think you are safe, you probably are not. It’s worth paying someone to come and check and update your system. It might cost a few thousand dollars, but that’s nothing compared to all the problems it will avoid.”