My Account

Profiled Partners

  • Be Cyber Aware At Sea
    A Global Maritime & Offshore Initiative.
  • Navarino
    The Maritime Industry's Most Advanced Communications & Connectivity Company
  • Be Cyber Aware at Sea
    Start the Course now!
  • CSO Alliance
    The World's First Global Members Alliance of Maritime Company Security Officers (CSO)


Maersk sees cyber attack

www.tradewindnews.com, June 2017 
June 28th 2017
www.tradewindnews.com, June 2017
Yesterday we all saw the breaking news of cyber attacks, causing nationwide chaos. The Maersk's cyber security breach is the first to hit a major shipping firm so publically and this article from the Tradewind News gives more detail on the facts and includes some commentary from Jordan Wylie, the founder of Be Cyber Aware At Sea.

Now is the time to learn the lessons and prepare and protect yourselves. You can read the article online here.

AP Moller-Maersk says its subsidiary APM Terminals has been impacted in a number of ports following yesterday’s cyber-attack, but its other businesses are unaffected.

In a new update provided earlier this morning, the Danish conglomerate said it has contained the issue and is working on a technical recovery plan with key IT partners and global cyber security agencies.

The company’s systems across multiple locations and business units went down yesterday due to a cyber-attack named Petya.

Maersk said: “We have shut down a number of systems to help contain the issue.

“At this point, our entities Maersk Oil, Maersk Drilling, Maersk Supply Services, Maersk Tankers, Maersk Training, Svitzer and MCI are not operationally affected.

“Precautionary measures have been taken to ensure continued operations.”

Vessels able to communicate

The Danish shipowner added that Maersk Line's vessels are manoeuverable, able to communicate and crews are safe.

Maersk Line operates almost 600 vessels that call at a port every 15 minutes.

Cyber security experts told TradeWinds that on such an occasion, the first step would be to go offline and reduce the number of online systems onboard to a minimum.

They also noted that ships have more communication abilities than an Airbus320, thanks to their satellite and radio communication systems. 

“Business continuity plans are being implemented and prioritised,” Maersk added.

“The aggregate impact on our business is being assessed.”

Jordan Wylie, managing director of JWC International and founder of Be Cyber Aware At Sea Campaign, told TradeWinds: “The business disruption here is extremely challenging and damaging for this shipping super giant and their crisis management plans will no doubt be in full swing.

“This incident highlights we are now starting to see an intent from criminal or other threat actors that is perhaps more sophisticated in nature.”

He added that taking out a business headquarters or a series of port terminals is much more disruptive and damaging to an organisation than taking out a single vessel.

Yesterday's ransomware attack also had an impact on other companies around the globe, including some UK firms, Russia’s Rosneft and Ukrainian banks.

What is ransomware?

It came one month after the “WannaCry” attack, which targeted parts of the UK’s National Health System (NHS).

Wylie said: “When a computer is infected, the ransomware encrypts important documents and files and then demands a ransom, typically in Bitcoin, for a digital key needed to unlock the files.

“The Petya ransomware takes over computers and has demanded a $300 payment.

“The malicious software spreads rapidly across an organization once a computer is infected using the EternalBlue vulnerability in Microsoft Windows or through two Windows administrative tools.

Chris Henny, from CSO Alliance that is currently working on setting up a website for anonymous crime reporting, said: "Because of its configuration and the way it’s been put together it has been a virus that appears for the first time, which means that none of the anti-virus people has any counters to it.

"The speed of propagation and infection is quite significant, it’s spreading very very fast.

"This is not something that can be handled on a national level."

"Not only a ransom issue"

Although the immediate impact of the Petya virus is the ransom required, Ince & Co claims the consequences of such attacks are more complex.

Rory Macfarlane, a Hong Kong-based partner at Ince, said: "To view losses from these attacks purely in terms of “ransoms paid” is a mistake. 

"Losses incurred in terms of business interruption, rectification and reputation will be extensive and will continue to grow as these attacks become more and more common."

Ince forecasts that the global cost of cyber-crime annually will rise by 2021 to £2.45 trillion.

Industry not immune

Nick Brown, Lloyd's Register Marine & Offshore director, added: "As we have unfortunately seen this week, our industry is far from immune to these incidents and the consequences are far reaching. 

"There is no one ’magic’ solution and needs vary from business to business however, the greatest security vulnerabilities come from people; 90% of cyber security incidents can be traced back to human error or intent. 

"Training is vital to increase the overall awareness of cyber risk and ensure that the appropriate behaviours, awareness, attitudes and technical skills are embedded within a business."