More Cyber Attacks: Sharks in the Water for the Shipping World


We all remember that fateful day more than three years ago when the issue of cybersecurity became very real for shipping.

On June 27, 2017, the vicious malware named “NotPetya” hacked into Maersk’s system in what is known as one of the “most devastating cyberattacks in history.” One of the most technologically advanced (if not the most technologically advanced) carriers was brought to its knees. Booking agents were transported back thirty years to the time of handwriting booking details on old slips fished out of long-forgotten storage boxes and entire ports, worldwide, were crippled. Terminals from all over the world had become catatonic with frozen cranes and downed gates. The virus had even spread to the vessel computers, preventing Electronic Data Interchange (EDI) between the vessel and port from taking place. The cyber-attack, once all was said and done, ended up costing Maersk over $300,000,000 – only a drop in the bucket of the greater $10 billion in total costs of the malware’s global damages to governments and other companies.

It took only one computer to crash Maersk’s global operations, and fortunately it took only one domain controller to restore: a Ghanaian domain controller was knocked offline due to a power outage and hadn’t returned to the network in time for NotPetya to take control. Maersk was saved by nothing short of a miracle. It took weeks for Maersk to become operational again and months to return to a state of normalcy. A company moving roughly one-fifth of the global supply chain was crippled, all due to a malware that wasn’t even intended for them.

Although the shipping industry has learned valuable lessons about cybersecurity and has been working to improve its preventative measures, that doesn’t mean it is safe from future attacks. French shipping conglomerate CMA CGM confirmed on Monday, September 28th that it was experiencing a cyber-attack from a ransomware called “Ragnar Locker.” Fortunately, the company was able to interrupt external access to their applications in order to prevent the spread of the virus.

Now, hackers have targeted another gargantuan player in the shipping game: The International Maritime Organization (IMO).

Splash247 reported that on October 1st at 10:30 AM, the IMO admitted that the cause of their website failures was not, in fact, due to any technical issue as they had previously stated, but instead was due to a cyber-attack. At this point, no details have been made available. The IMO announced that they are working with UN IT in order to restore their systems and identify the source of the attack. Further information will be made available going forward, but at this point it is all too soon to tell.

How can we better protect ourselves and our customers?

At this point, it seems that the measures we have at the moment are solely reactionary – i.e. in the form of CMA CGM cutting off access to prevent further damages from occurring. The question now is: how can carriers and major players take the right preventative measures? The ultimate goal is to stay ahead of these attacks, allowing agencies the ability to act instead of react.

The industry was slow to get onboard with technological advancements but has improved greatly within the last five years. Now, it is time to get the ball rolling with the improvement of cybersecurity.