The Global Shipping Industry: One Week, Two Cyberattacks

In a world where technology rules, dated systems need to adapt to the ever-growing threat of cybercriminals. Unfortunately, the global shipping industry features those very systems and has, as a result, faced two cyberattacks in one week. The second, which hit just days ago, is causing concern about the potential disruptions that it could cause to supply chains that are already, courtesy of COVID-19, struggling to meet the demand of hungry consumers in peak season. 

The International Maritime Organisation (IMO), a United Nations agency that serves as the industry’s regulatory body, said in a statement on Thursday that it has suffered “a sophisticated cyberattack against the organisation’s IT systems.” The attack took down the IMO website and all of its internal web-based services in one fell swoop, but their technicians were able to “shut down key systems to prevent further damage from the attack.” 

The attack was reported soon after CMA CGM S.A, a leading French container transportation and shipping company, ranked as the worlds fourth-biggest container liner by capacity, announced that its own systems had been compromised. The company spokespeople have stated that their global offices are “gradually being reconnected to the network, thus improving the bookings’ and documentation’s processing times.” 

“We suspect a data breach and are doing everything possible to assess its potential volume and nature,” the company said in a statement sent to major publications via email.

It has to be said that, prominent and troubling as these few incidents have been across the past couple of weeks, they aren’t out of the blue. There has been a rash of cyber incidents across the shipping industry for years, and they’ve been increasingly damaging. Back in 2017, A.P. Moller-Maersk A/S, another “top 5” ranking logistics company suffered an attack that cost them approximately US$300mn.

The Maersk incident “has clearly drawn the attention of scammers and cybercriminals who realised that the shipping industry is acutely exposed,” said Ken Munro, a security specialist at Pen Test Partners, a maritime industry cybersecurity company. “If shore-based systems aren’t available to book containers, ships can’t load and can’t generate revenue. Targeted attacks against shipping lines are therefore lucrative for ransomware operators. 

At this point, experts can’t predict whether the recent attacks will be a temporary stain on the global shipping supply chain, or whether it’ll have extensive damage further down the line, but Bloomberg Intelligence’s logistic specialist, Lee Klaskow, has suggested that cyber threats, in general, are a “near-term headwind and headache for sure.”