Once in the door, the “wiper” malware rapidly infected Maersk’s container, terminal and freight forwarding operations. It took nearly five days for the company to clean out and restore its systems from backup, and it may take even longer to restore customer confidence.
Trade is inherently global and distributed, involving many partners—large and small, sophisticated and unsophisticated—who communicate with each other largely by exchanging emails and attachments.
“It’s a tough target to harden as a whole because cybersecurity is only as strong as the most vulnerable spot,” explained American Shipper’s longtime IT editor, Eric Johnson. “All it takes is for one unsuspecting person to open a bad attachment, or one failed or forgotten software update, for the virus to take hold.”
In the immediate aftermath of Maersk’s cyber attack, there will be a lot of attention focused on carriers and their IT security, and rightly so. Maersk’s own investigation into how the Petya virus entered and attacked its system with such swiftness may take some time.
More importantly, the recent cyber attack involving Maersk should serve as a lesson to all companies in the global shipping industry.
“Emails have no borders. Websites have no borders. Some operating systems function globally. That means global 3PLs are susceptible as well,” Johnson warned.
There are actions that carriers and 3PLs should already be taking on a routine basis to prevent suffering a similar fate.
First, reexamine existing systems protections. Are you confident in the ability of your in-house IT resources to protect your systems? Do you need outside help? Should you acquire new software that’s inherently better at protecting systems and data from intrusion?
And third, plan to constantly update both those protections and contingencies.
For years, we have heard corporate executives explain in countless forums that the handling of shipping data has become just as important—more so in some cases—than the physical movement of the freight. If that is indeed the case, then carriers and 3PLs have the utmost responsibility to ensure that their systems are protected as much as possible, and if a future attack should occur, that their customers are minimally impacted.