Maersk working to restore shipping business operations after cyber attack
Danish shipping company Maersk Line has reported that its computer systems were affected by the recent Petya cyber-attack, which disrupted a number of businesses worldwide.
Maersk noted in a statement that the issue has been contained and work to devise a technical recovery plan is now underway.
The ransomware attack delayed the delivery of cargo by disturbing the company’s usual order processing system, reported Reuters.
The Petya cyber-attack initially began in Europe before spreading around the world.
Maersk deliberately shut down multiple IT systems across multiple sites and selected business units as a precautionary measure to prevent further damage.
The move affected their email systems, which in turn further disrupted the company's normal business operations.
Maersk is currently using alternative ways to take orders manually in order to ensure the greatest possible business continuity with its clientele and partners.
The overall impact of the cyber-attack is yet to be determined as the company continues to assess the situation.
Maersk is consulting several IT experts such as national cyber-crime agencies and IT industry leaders in order to facilitate the complete restoration of its operations without further disruption.
International risk management company MAST noted that the cyber-attack affected container shipping, port and tugboat operations, oil and gas production, drilling services and oil tankers.
MAST cyber security consultant Ian Hirst said: “The cyber-attack seems to have emanated from the Ukraine, with malicious software embedded in an accounting program used by the Ukrainian Government.
“The ransomware used exploits the 'EternalBlue' vulnerability in Microsoft based platforms.
“Although a patch was released in March to protect systems from the infection, it appears some companies have not updated their systems despite the catastrophic consequences of leaving these updates unchecked.”
It is reported that company's other entities, including Maersk Oil, Maersk Drilling, Maersk Supply Services, Maersk Tankers, Maersk Training, Svitzer and MCI were not affected.
All Maersk vessels are also reported to be under control, while communication to on-board crew and management continues to function.
Most of the company's terminals have also restored operations; however, some terminals are only operating with limited functionality at this time.
Hirst further noted: "These types of attack and far reaching repercussions and are entirely preventable through the application of robust Information security governance and assurance. There are also some basic steps companies should carry out in the event of a cyber-attack.
"It is very important that companies do not pay the ransom as it is likely the email address used by the attackers has been disabled.
"Secondly, companies should try to interrupt the boot cycle before the encryption software loads, then format drives and reinstall from a known uncorrupted backup.
"Lastly, companies should ensure all platforms are patched and antivirus is kept up to date. These simple steps will ensure an attack is completely preventable in the future.”