Maersk Group Infected By Global Ransomware Cyberattack

he cyberattack disrupted Maersk Group operations from Tacoma to Tangiers.

The international cyberattack that paralyzed Maersk Group's computers has left customers of the world's largest shipping line anxious for answers and wondering how long the disruption will last.

Tuesday's attack was reported to be caused by the "Petya" ransomware. Experts said it resembled a recent assault that crippled thousands of machines worldwide. Tuesday's attack hit a wide swath of the Maersk Group. The Danish company owns Maersk Line, which has a 16 percent share of the global container market and APM Terminals, one of the largest global terminal operators. "We can confirm that the Maersk IT systems are down across multiple sites and business units due to a cyberattack," the company said.

APMT's automated Maasvlakte II terminal in Rotterdam was closed by the attack, as were facilities in other parts of the world, including Pier 400 in Los Angeles. Several US terminals, including APMT's Port Elizabeth, New Jersey, terminal, will remain closed Wednesday. The APMT terminal in Tacoma was among those initially affected. However, it was able to work a Matson ship that uses a different computer system, and was able to accept and discharge Matson containers through the terminal's truck gates.

Maersk was among several companies hit by the cyberattack. Others included third-party logistics provider TNT Express, Russian energy giant Rosneft, French construction materials company Saint-Gobain, British advertising agency WPP, US pharmaceutical maker Merck, and law firm DLA Piper International.

Although most US APMT terminals were closed, Maersk ships calling at third-party terminals at Virginia, Charleston, Savannah, and other ports continued to be worked normally. As of the afternoon of June 27, Maersk ships were berthed at terminals in Oakland, Long Beach, Savannah, Charleston, Virginia, Philadelphia, and New York-New Jersey. Customers hope things return to normal soon. An extended shutdown of terminals makes it more likely that ships will be delayed, causing containers to stack up. 

If the New York-New Jersey terminal remains closed through Thursday or longer, it could cause major problems, especially for refrigerated loads, said Tom Adamski, agent for First Coast Logistics, who represents the New Jersey Motor Truck Association's intermodal council. The APMT closures disrupted shippers' cargo and forced truckers and container yard managers to juggle staff and equipment to cope with the uncertainty. The paucity of detail about the attack and the inability to access information about their containers has shippers worried about what comes next and how they will make contingency plans.

Customers and vendors said they're sympathetic to Maersk's plight.

"What a horrible, horrible situation right now," said Jeff Bader, president of the Association of Bi-State Motor Carriers, which represents drayage operators in the Port of New York and New Jersey. "Everyone that I have spoken to is totally committed to helping them get through this," he said. "This is when friends stand together."

Bader said APMT's Port Elizabeth terminal had agreed to a two-day extension of free time before demurrage is charged for late pickup of containers, and that he expects container lines will grant a similar extension of free time before per-diem detention is charged for late return of equipment.

Rob Movshin, regional manager at Northeast ContainerPort Group at the New York-New Jersey port, said his container yard is beginning to fill with export boxes that customers couldn't deliver to the terminal, but that customers "understand this is beyond our control."Movshin said he's had to redirect containers and chassis to create additional space for delayed boxes. "It's a lot of extra phone calls, a lot of extra coordination," he said.

One issue certain to receive extensive discussion in the days ahead is how companies can protect themselves from cyberattacks. As the shipping industry pushes harder to digitize its operations in a quest for productivity and efficiency, the attack has put a focus on cybersecurity. 

US ports currently receive $100 million annually in port security grants from the Federal Emergency Management Agency. Ports would like to see more, particularly as the risk of cyberattacks rises. Susan Monteverde, vice president for government relations at the American Association of Port Authorities, said the House Transportation and Infrastructure committee had recommended $200 million, and that cybersecurity was a priority for the program. "We're hopeful the appropriations committee will say this should have at least level funding," she said. "Our goal for years now has been this program needs at least $400 million."

While these funds could not have prevented what happened to Maersk on Tuesday, the cyberattack underscores how essential it is ensure that the data and IT systems of US ports, shippers, and transportation providers are secure.

Source: Journal of Commerce