At the beginning of last week, the world’s fourth-biggest container company, CMA CGM, was the victim of a cyber attack by hackers using Ragnar Locker ransomware. Despite initial denials that the incident had taken place, the company later confirmed that it had taken its network offline to prevent the malware spreading further.
The lack of information from CMA CGM following the incident led to complaints from customers speaking to Lloyd’s List that they had to revert to manual processes for bookings and were concerned that existing bookings were not being loaded and shipped.
Systems were gradually being brought back online throughout the week, but the company warned that it suspected the theft of data from its systems had taken place.
The incident with CMA CGM is not a new threat to the shipping industry and follows other high-profile attacks on Mediterranean Shipping Co over the Easter weekend earlier this year, Cosco Shipping in mid-2018 and Danish carrier Maersk the year before.
What appears to have changed now is the targeted nature and frequency of the ransomware attacks, as well as emboldened groups using increasingly advanced malware.
Just three days after the attack on CMA CGM, the International Maritime Organization, which itself has been urging companies to act on cyber risks ahead of new legislation coming into force at the start of next year, was similarly hit by hackers, making its website and internal intranet services unavailable.
This was not the first time the UN agency had been attacked, but it is the most serious and access to systems and communications are still only gradually restored.
It also emerged in the past few days that Danish logistics company Blue Water Shipping was targeted last month, ahead of the CMA CGM and IMO attacks, but fortunately they, together with external security specialists, were able to repel several attempts to penetrate their systems.
Shipping has undoubtedly been slow to heed the warnings of cyber crime but it desperately now needs to speed up progress or potentially face crippling financial losses as well as the trust of customers.
Insurers and lawyers told Lloyd’s List last week that shipowners need to be aware that such crimes will not normally be covered by hull and machinery policies, most of which include an explicit exclusion clause, with insurers simply needing to show that system vulnerability was exploited with malicious intent.