The Maersk cyber attack should be a wake-up call for the shipping industry, explains editor Martyn Wingrove
Patch your software, upgrade your firewalls and update your antivirus programs, do cyber risk assessments. Shipping has been warned of what happens if a piece of destructive malware gets through, but is it taking note?
Shipowners and managers should not need any more warnings, after seeing the devastation of Maersk’s IT network (as well as other non-maritime companies) last week by a nasty piece of malware.
It has taken Maersk almost a week to return the majority of its IT operations back to some form of normality. This led to six days of backlog on its trading and liner services and several terminals still recovering from disabilities this week. But much more, it has left a significant financial loss and a severe dent in Maersk customer confidence.
Maersk could have prevented the viral attack by patching its operating systems and software and deploying blockchain technology. It did firewall the ships, preventing the malware from spreading to the vessels, but this did not save the IT networks and electronic terminal operations.
Maersk was warned, along with the rest of the Danish shipping industry, of the threats of cyber attack earlier this year, so it should have been prepared. Last week’s attack was similar to the WannaCry one in May – so there were warnings then. But were they ignored?
The Maersk cyber attack should be a wake-up call for the shipping industry to do much more to prevent cyber attacks. IMO has already reacted to the cyber threats by introducing cyber risk management into the ISM Code, ready for enforcement in 2021.
But the Maersk cyber attack should propel the issue to the top of the boardroom now, and ensure investment in cyber security in the future.