Once in the door, the “wiper” malware rapidly infected Maersk’s container, terminal and freight forwarding operations. It took nearly five days for the company to clean out and restore its systems from backup, and it may take even longer to restore customer confidence.
Trade is inherently global and distributed, involving many partners—large and small, sophisticated and unsophisticated—who communicate with each other largely by exchanging emails and attachments.
“It’s a tough target to harden as a whole because cybersecurity is only as strong as the most vulnerable spot,” explained American Shipper’s longtime IT editor, Eric Johnson. “All it takes is for one unsuspecting person to open a bad attachment, or one failed or forgotten software update, for the virus to take hold.”
In the immediate aftermath of Maersk’s cyber attack, there will be a lot of attention focused on carriers and their IT security, and rightly so. Maersk’s own investigation into how the Petya virus entered and attacked its system with such swiftness may take some time.
What is known, however, is that over time many companies become at risk of operating aging systems and software programs that without proper updating are prone to crippling cyber attacks and other types of outages. Johnson, who has personally observed many shipping and logistics industry systems as well as spoken with their gatekeepers over the years, noted that often these systems are maintained by the companies themselves, rather than by third-party IT specialists who rigorously stay on top of systems maintenance and malware threats circulating throughout the cyber world.
More importantly, the recent cyber attack involving Maersk should serve as a lesson to all companies in the global shipping industry.
“Emails have no borders. Websites have no borders. Some operating systems function globally. That means global 3PLs are susceptible as well,” Johnson warned.
There are actions that carriers and 3PLs should already be taking on a routine basis to prevent suffering a similar fate.
First, reexamine existing systems protections. Are you confident in the ability of your in-house IT resources to protect your systems? Do you need outside help? Should you acquire new software that’s inherently better at protecting systems and data from intrusion?
Second, reexamine your contingency plans. Do you have a backup system that critical operational functions can be migrated to temporarily? Can you make do with manual processes while a problem is corrected? What’s your plan B, C and D?
And third, plan to constantly update both those protections and contingencies.
For years, we have heard corporate executives explain in countless forums that the handling of shipping data has become just as important—more so in some cases—than the physical movement of the freight. If that is indeed the case, then carriers and 3PLs have the utmost responsibility to ensure that their systems are protected as much as possible, and if a future attack should occur, that their customers are minimally impacted.