MSC container line websites back online after malware outage

container ship

The online services of Mediterranean Shipping Company (MSC), the second largest container line in the world, are now back online after an extended outage due to a cyberattack.

The company’s website, msc.com, and its online booking platform, myMSC.com, went offline last Thursday night. In the interim, customers were able to continue bookings by telephone through agents, as well as through third-party online platforms of companies including INTTRA, GT Nexus and CargoSmart.

The outage was restricted to MSC’s headquarters in Geneva, Switzerland, and did not affect any of the company’s other departments, terminals, depots and facilities elsewhere in the world.

“MSC confirmed that a recent network outage …. has now been resolved and all internal systems are fully functional,” the company said on Wednesday morning.

The company also confirmed that the outage was indeed the result of malware, as initially reported. “After a thorough investigation … we determined that it was a malware attack based on an engineered targeted vulnerability,” it said.

“We have shared, as per industry standards, the malware with our technology partners so that mitigations could be made available not only to us. We will not be commenting further in detail on this point, as this would be counter-productive from a security perspective,” it continued, although it added that “if in due time we feel that there are any important lessons or best practices to learn, we will share information via the appropriate industry forum or directly with other companies.”

This marks the third significant malware attack against container lines in the past three years.

Maersk was severely impacted by the so-called NotPetya attack in June 2017. The ransomware was believed to have targeted Ukrainian businesses; Maersk was caught in the crossfire, with disruptions causing a 20% drop in volume. Maersk said in its 2017 annual report that the attack cost the company $250 million to $300 million.

In July 2018, North and South American operations of Chinese carrier COSCO were hit by a cyberattack that disrupted communications systems for a week. Operations quickly recovered and disruptions were minimal.

Lars Jensen, CEO of Copenhagen-based SeaIntelligence Consulting, said in an online post, “Within less than three years, we have now seen the three largest container lines impacted by cyber incidents. In every case, it is clear that one of the most important mitigating factors is the people — the ability to keep the business running without the use of the digital tools for an interim period.”

He continued, “A consequence of the pandemic will be the sharp acceleration in the use of digital tools, for a wide range of good reasons. This will also lead to a stronger dependence on the functioning of these tools.

“Fear of cyberattacks should not hold back this development,” Jensen continued. “But everyone would need to consider carefully what their backup plans are and how to retain the practical skills with their people to manage a crisis situation, and not simply see this as an opportunity to reduce the staff, believing the tools to be infallible. People are indispensable in a digital world.” Click for more FreightWaves/American Shipper articles by Greg Miller