If you thought it was just data centers and financial institutions that were prone to cyber mayhem, think again. In June, the world’s largest tank container shipping conglomerate was the victim of a cyber attack that brought down its worldwide IT systems and affected multiple areas of its operations.
In a June 27 statement, Denmark-based A.P. Moller-Maersk Group didn’t specify which of its offices and divisions had been targeted, but social media follow-up of the event indicates the effect has been far-reaching within the company. From June 27 to July 9, the group noticed that order-processing and cargo shipments were delayed, and that some ports in the United States, India, Spain and the Netherlands were congested.
Ransomware attack suspected
Industry insiders who have some knowledge of the Maersk incident believe it was a “ransomware attack,” in which the perpetrator gains entry into a database and encrypts it, blocking authorized personnel from accessing it. The attacker then notifies the owner of the database that access can be restored if a certain amount of money is paid.
Sources say the Danish tank container shipping company began taking down various systems after the onset of the attack and lost no actual data. Shortly after the incident, Maersk was employing alternative channels to communicate with customers and process orders and expects that full operations will be restored with no significant downtime.
Contingency planning is the best defense right now
Maritime expert Lars Jensen, quoted on AmericanShipper.com, said “ransomware attacks can affect just about any kind of system or company.”
“The important thing is the level of sophistication of the attack,” Jensen said. “The reality is anybody can be penetrated provided the attack is sufficiently sophisticated.” In a 2014 report, Jensen wrote that tank container shipping companies and in general “the maritime industry is shown to be vulnerable to a wide array of cyber risks, and multiple examples of actual breaches have been seen.”
Jensen, who worked for about 12 years in various capacities for Maersk, runs a company whose focus is helping other companies bolster their defenses against cyber attacks which includes developing strong contingency plans. The thinking is that, while you can’t prevent malicious behavior, you can have a set of protocols in place that govern what you’ll do to minimize the impacts and recover quickly should you become a victim.
In the case of the June 27 global ransomware attack at the Jawaharlal Nehru Port Trust (JNPT) terminal, the so-called “Petya” cyber attack demanded money from A.P Moller- Maersk Group to restore access to their system. While A.P. Moller-Maersk Group seemed to downplay the length of time it would need to fully restore all its systems, they were able to get back up and running by July 9. For this reason, as pointed out by Lars Jensen, a fully developed, comprehensive contingency plan should be ready to launch for any business which depends on comprehensive database access.
Stories like this remind us that regardless of the size, scope and type of business, there is no such thing as guaranteed safety. For those in the tank container shipping industry, this should be a wakeup call to get a meaningful and comprehensive contingency plan in place to ensure that future attacks are met head-on and that the flow of business is minimally disrupted.