My Account

Profiled Partners

  • CSO Alliance
    The World's First Global Members Alliance of Maritime Company Security Officers (CSO)
  • Be Cyber Aware At Sea
    A Global Maritime & Offshore Initiative.
  • Navarino
    The Maritime Industry's Most Advanced Communications & Connectivity Company
  • Be Cyber Aware at Sea
    Start the Course now!


Maersk Aftermath

Lizzy Foster, July 2017 
July 4th 2017
Lizzy Foster, July 2017
One week has passed since Maersk succumbed to the cyber attack by the Petya ransomeware that did such extensive damage worldwide. The maritime and offshore industry would be well advised to pay close attention to the events of the last week, to see the full ramifications of such an attack against one of the largest players in the sector, and heed the warnings of experts in its wake.

Back up and running?
Maersk's IT team had to work throughout the weekend to get systems back on track and, as Sam Chambers of Splash247 reports, the operations at Maersk Line and APM Terminals are 'largely back to normal'. Even so, the company estimates it will only have all it 1500 applications fully functioning by the end of the week with 'client-facing operations to return to normal by Monday'.

This may sound reassuring but the repercussions of the lost days of work last week mean that Maersk had to report to customers that they had 'six days of backlog which needs to be cleared'. Getting the IT systems back online is only one portion of the battle in such an interconnected industry where logistics must run like clockwork in a never-ending chain of demand. Losing even one day's work causes a logistical nightmare and financial loss, impacting upon all the subsidiary companies associated with the cargo business.

Meanwhile as of Sunday 2 July APM Terminal's Rotterdam Maasvlakte II was still only operating at 15% of its normal service with 'no rail or marine service and limited gate services'. Other ports in Los Angeles, Mobile, Port Elizabeth and South Florida were back up and running but manually. They hope to be back to normal within the week too.

What will it cost?
The financial cost of this cyber attack is unquantifiable at the moment, although needless to say it will be substantial. For Maersk this couldn't come at a worse time, having posted one of the biggest losses in Danish corporate history in February - a net loss of $1.9bn for 2016. In the middle of a restructure as well, this is awful timing.

Maersk's problems are rooted in a weak container shipping industry so, for Klaus Lysdal, Vice President of Sales and Operations for iContainers, this predicament may not be unusual. "After years of low earnings and huge losses, some [shipping lines] may not have been as diligent on their security as they perhaps should have been".

Lloyd's of London have looked further into the impact of cyber attacks, saying that businesses should prepare themselves for 'slow burn' costs to cover 'reputational damage, litigation and loss of competitive edge'. Inga Beale outlined it in stark terms: "The reputational fallout from a cyber breach is what kills modern businesses".

KPMG cyber security director Matthew Martindale reported that "while cyber risk has moved up in the business agenda, [they] are failing to factor in the long-term damage that a breach can cause and the cost implications of it."

So, while the industry is very aware of the preliminary impact of cyber attacks, it is not are not considering enough the longer term costs of suffering an attack and budgeting or planning accordingly.

Expert warnings
So what have we learnt from the cyber attack? Experts have been queuing up to offer their explanations of why it happened, where the industry is most vulnerable and advice for how the rest of they can avoid the same pitfalls.

North P&I Club, Colin Gillespie: "Connectivity introduces vulnerabilities. These need to be risk assessed and managed just like any other risk. Cyber security is about building up resilience to attack ,making cyber incidents less likely and better enabling companies to respond to, and recover from, attack."

Navigant, John Boles: Maersk simply needed to apply Microsoft security updates and patching software. You can reduce the vulnerability of server message blocks through regular updates.

Lars Jensen, CEO CyberKeel and SeaIntelligence: Some 44% of carriers show "signs of low levels of cyber security related to very basic elements." He noted one top 20 carrier allows shippers on its e-commerce platform to use 'x' as a password while another top five carrier states the '12345' would be a medium strength password. He also raised that 10% of carriers and 20% of sampled ports and terminals haven't patched vulnerabilities relating to the 2 year old Poodle and Heartbleed cyber threats.

A picture is building of a company much more ill-prepared for a cyber attack than an organisation of that size would ever be expected to be, under-investing in cyber security and now facing unknown and escalating costs that will carry on long after the IT systems are fixed and the orders come back in. And the worrying thing about this picture is that this company is not alone in underestimating cyber threats; there are many that should now take a long look in the mirror and consider how close it came to being their turn.

Sources: The Loadstar, Reuters, Splash247, Marinemec, Financial Times, City AM