APMT crippled by Petya cyber attack

27 Jun 2017
Seventeen APMT terminals have been hit by the attack

Seventeen APMT terminals have been hit by the attack

International operator APM Terminals has been hit by a cross-border cyber attack which has sent IT systems down across multiple terminals and business units.

Dutch broadcaster RTV Rijnmond reported that seventeen shipping container terminals run by APMT have been hacked, including two in Rotterdam and 15 in other parts of the world.

Media speculation surrounds terminals being affected at some of APMT's biggest operations including the Gateway Terminals India (GTI) at JNPT, the Port of Los Angeles and New York in the US. 

APMT parent AP Moller Maersk has confirmed that it was hit as part of a global cyber attack but said that the issue remains contained as it continues to work towards technical recovery.

The group said that the attack has affected multiple sites and select business units, although it said that until analysis is complete it can not be specific about how many sites have been affected or when normal business operations will be restored.

"We are responding to the situation to contain and limit the impact and uphold operations. We continue to assess and manage the situation to minimise the impact on our customers and partners," it said in a Tweeted update.

Meanwhile, Maersk confirmed that its entities Maersk Oil, Maersk Drilling, Maersk Supply Services, Maersk Tankers, Maersk Training, Svitzer and MCI remain operationally unaffected, as do Maersk Line vessels.

The majority of terminals are operational but some are operating slower than usual or with limited functionality. Damco also has limited access to certain systems and a continuity plan has been implemented in order to protect customer's cargo flows.

Lessons to learn

Ian Hirst, Cyber Security Consultant at MAST commented: “Although a patch was released in March to protect systems from the infection, it appears some companies have not updated their systems despite the catastrophic consequences of leaving these updates unchecked."

“These types of attack and far reaching repercussions and are entirely preventable through the application of robust Information security governance and assurance."

He added that there are also some basic steps companies should carry out in the event of a cyber-attack. Firstly companies not pay the ransom as it is likely the email address used by the attackers has been disabled. Secondly, companies should try to interrupt the boot cycle before the encryption software loads, then format drives and reinstall from a known uncorrupted backup. Lastly, companies should ensure all platforms are patched and antivirus is kept up to date. 

"These simple steps will ensure an attack is completely preventable in the future," he said.

Antti Kaunonen, President of Kalmar, told Port Strategy: “Ports are very important from a trade flow perspective so this industry must be extremely conscious of the threat and be ready to invest in cyber security. Those misusing networks are becoming more and more professional and with limitless amounts of money, anything is possible." 

"This recent attack confirms that you must not downplay the threat of a cyber attack in shipping and on ports. The attack must serve as a wake-up call to the industry. There will be lots of lessons from this attack; we must make sure that we learn from them.”

The bigger issue

Major firms, airports and government departments in Ukraine have also been also struck by the so-called Petya cyber attack.

For APMT the biggest issue right now will be trying to complete operations manually in order to prevent the clog up of cargo and the backlog of operations.

But on a wider scale, there are raised worries that the destructive software could ricochet around the world and disrupt the critical supply chain.

Ports and terminal operators are currently grappling with how to modernise their aging cargo-tracking systems all around the world.

Many are pushing forward with making their digital data more accessible to shippers, retailers, cargo movers, truckers and other stakeholders. But there is still concern in the industry that this data sharing may make operations more vulnerable to security breaches and cyber attacks.

Earlier this year, APMT, Maersk and Mediterranean Shipping Company launched a pilot programme to track cargo and share information with its clients.

Links to related companies and recent articles ...

Port of Rotterdam

view more

Maersk Line

view more

APM Terminals

view more