COSCO has released a statement to its customers informing them of a “local network breakdown” that is affecting the ocean carrier’s communications in the company’s America regions.
In response to the problem, COSCO has disabled its email and telephone systems and shut down connections to other regions while further investigations continue.
The company has claimed to have taken effective measures, and expects communications with other regions to be re-established “very soon”.
Such a reaction to an IT issue is a common protocol during a cyber-attack.
Tuomas Kiiski reviews some major maritime cyber incidents in a recent Port Technology technical paper
The reason for the breakdown been described as a “ransomware attack” by media outlets.
COSCO is commencing a computer inspection with anti-malware software, and sent warnings to staff to ignore “suspicious emails”, according to Lloyd’s List.
Although full details of the situation remain unclear, COSCO have stated that all of its vessels are operating as normal, while business operation systems are also performing stably.
Business operations in the affected area are still being carried out, with COSCO working as quickly as possible to make a full recovery.
Global Container Terminals, a Canadian terminal operator, has reported that a “ransomware cyber attack” on one of its shipping customers has “compromised the defenses of that company and potentially put the network of its customers and stakeholders at risk”.
It stated: “While GCT’s Information Technology infrastructure has not been affected as of this communication, rest assured that the OneGCT cybersecurity team has taken additional precautions to quarantine information and strengthen our defenses, to ensure there is no disruption to our operations.
“These actions are above and beyond all the cyberdefense work that GCT has done in the past 15+ months.”
When Maersk was hit by a cyber-attack last year, the damage caused to its shipping operations was estimated to be worth USD $200-300 million.