“Imagine a company where a ship with 10 to 20 thousand containers is entering a port every 15 minutes, and for 10 days, you have no IT, It’s almost impossible to even imagine.”
Jim Hagemann, Chairman Moller-Maersk about the attack
Maersk, the Damish transport and logistics giant has revealed that the massive ransomware attack that hit Europe in 2017 caused an estimated $300 million dollar in damages by completely crippling its IT systems. The company with operations in more than 130 countries was hit drastically by the virus that had targeted a total of 17 shipping container terminals operated by it around the world. Maersk is one of the largest container ship and vessel operator that holds 16% market share around the world with 25% of the cargo being shipped on the busy Asia-Europe route being handled by it.
The NonPetya ransomware
An iteration of the Petya ransomware that was released earlier, NonPetya was developed using a trove of leaked National Security Agency hacking tools that were released by the Shadow Brokers hacking group in April 2017. The tools were allegedly used by the NSA to target banks and since their release, these exploit kits have been used to rapidly spread a number of ransomwares around the world.
The WannaCry ransomware that is considered one of the largest attacks in recent times was also developed and spread using the same tools. These NSA exploits were designed to target flaws in the Microsoft Windows systems allowing them to break in and encrypt sensitive information and then holding it hostage in order to obtain ransom payments in terms of cryptocurrencies or cash.
Maersk and cyber security
Maersk Chairman Jim Hagemann while speaking at the World Economic Forum revealed that the company was average in terms of cybersecurity which allowed it to be targeted so easily. It is one of the most high profile victims of a ransomware attack that reportedly caused them to completely overhaul their IT systems. In total almost 4,000 servers, 2,500 applications and 45,000 PCs were reinstalled by the logistics giant in 10 days.
Despite the massive effort Maersk Chairman stated that they only suffered a 20% loss in their operations in a move he credited to the workforce that manually kept the other part of the operations going. Ever since the episode the company has said that they’ve put in extensive and further cyber security measures in place to ensure that an episode like this doesn’t reoccur.
Maersk is not the only company to have suffered from ransomware attacks in recent times. Reckitt Benkiser; the manufacturers of Dettol, Durex and FedEx have all reported being hit the viruses that caused between $110 and $300 million worth of damages to the companies respectively.
Ransomware has recently grown quite immensely in popularity to a wide variety of features but the most prominent of these in terms of the victims is that it is very difficult to protect against since it is spread by minimal means like spam emails but has catastrophic effects on the systems that results in heavy losses.