Two key players in the global shipping industry have been trying to restore computer networks and assess the damage from separate cyberattacks this week that are adding short-term complications to supply chains already straining ahead of peak season for consumer demand.
The International Maritime Organization, a UN agency that serves as the industry’s regulator, said on Thursday it suffered “a sophisticated cyber attack against the organization’s IT systems.” The breach affected its public website and internal systems, it said. The IMO’s web page remained down Friday morning in London.
That attack followed the disclosure earlier this week by closely held CMA CGM SA, the world’s fourth-biggest container liner, that its information systems were compromised. The Marseille, France-based company said on Thursday that offices are “gradually being reconnected to the network thus improving the bookings’ and documentation’s processing times.”
“We suspect a data breach and are doing everything possible to assess its potential volume and nature,” the company said in an emailed statement. CMA CGM is among the world’s five leading container liners that account for 65% of global capacity, according to Alphaliner data.
There’s no evidence yet that the incidents are linked, but both disruptions are extensive and that possibility is being considered, according to a report by maritime intelligence service Lloyd’s List.
A rash of cyber incidents has afflicted the shipping industry in recent years, the biggest of which was an intrusion that cost Copenhagen-based AP Moller-Maersk A/S about $300mn in 2017.
The Maersk incident “has clearly drawn the attention of scammers and cybercriminals who realized that the shipping industry is acutely exposed,” said Ken Munro, a security specialist at Pen Test Partners, a cyber-security company with clients in the maritime industry. “If shore-based systems aren’t available to book containers, ships can’t load and can’t generate revenue. Targeted attacks against shipping lines are therefore lucrative for ransomware operators.”
While it’s too soon to say whether the recent attacks will prove to be a brief irritant or something more damaging, logistics experts like Bloomberg Intelligence’s Lee Klaskow say the cyber threats are a “near-term headwind and headache for sure.”
The timing of the latest acts of cyber piracy is particularly bad for shipping liners still waiting to see some normalcy restored to their seasonal cycles. The pandemic threw supply chains out of sync for everything from paper towels to computer monitors, as consumers were forced to work from home and purchase necessities online. Aboard ships, hundreds of thousands of crew members have been prevented from returning home to take time off because of travel restrictions.
“With 400,000 seafarers currently stranded at sea across the world, any further disruptions, be it cyber or otherwise, shouldn’t just worry to the shipping community but every single individual involved in the global value chain,” John Stawpert, manager for environment and trade at the International Chamber of Shipping, said in an emailed statement on Friday.
The demand on shippers, which reduced capacity initially in anticipation of deep recessions caused by Covid-19 outbreaks, hasn’t really abated since lockdowns ended because e-commerce purchases have stayed strong and companies are restocking inventories.
As a result, the benchmark cost to move cargo containers across the Pacific has tripled since the start of the year.
According to a research note on Friday by Panjiva S&P Global Market Intelligence, “the hack comes at a potentially challenging time for CMA CGM’s Asia business, as retailers may be concerned about disruptions in the lead up to an already-uncertain peak sales season.” The shipper does significant business with retailers, including Walmart Inc, Sunbeam Products Inc, Michaels Cos and Mattel Inc, Panjiva S&P Global said.
Lars Jensen, CEO and founder of SeaIntelligence Consulting in Copenhagen, said that as of Friday, he was assuming the IMO’s problems are of “minor practical consequence.”
For CMA CGM, he noted that it took Maersk eight days to mostly restore functions and four to five weeks to recover fully. It was a costly interruption for the world’s biggest container liner but it didn’t create significant problems for the global supply chains, he said.
“It appears, for now, that marine operations function for CMA CGM and therefore the main impact is more likely to be felt in CMA CGM’s commercial sections,” Jensen said.
The interruption of service was caused by a cyber attack against our IT systems. IMO is working with @UN IT and security experts to restore systems as soon as possible, identify the source of the attack, and further enhance security systems to prevent recurrence. pic.twitter.com/EzUQzqXMEF
— IMO (@IMOHQ) October 1, 2020