PortandTerminal.com, April 15, 2020
Updated (April 15, 2020 6:30 GMT)
In a FAQ published Wednesday, MSC confirmed that the outage was the result of a malware attack impacting a limited number of computers systems.
“After a thorough investigation, we confirmed that it was confined to a limited number of physical computer systems in Geneva only and we determined that it was a malware attack based on an engineered targeted vulnerability,” the FAQ said.
GENEVA, SWITZERLAND – After being knocked offline for four tense days, MSC Shipping announced today that their systems are back up and running.
In a statement issued today the company confirmed that “…a recent network outage at the company’s headquarters in Geneva has now been resolved and all internal systems are fully functional. All MSC booking options and the website msc.com are available again.”
What the company has not said was whether or not they were the victim of a cyberattack. Shortly after they were knocked offline they issued a statement on Twitter saying that they had “…not ruled out the possibility of malware” being the cause of the problem.
MSC’s statement today did offer a gentle hint of what happened when it said: “…we remain focused and cautious in our approach to information technology…”
While MSC considers this incident to be resolved, we remain focused and cautious in our approach to information technology and committed to minimising the risk of systems outages. We thank all our customers for their patience and support while we worked hard to make all systems available again as soon as this was possible.MSC Statement (April 15, 2020)
One thing remains clear. Shipping, ports and terminals are critical parts of the supply chain that are vulnerable to cyberattack. Let’s congratulate the team at MSC for their hard work to get back up and running and use their experience as a caution to all supply chain participants during this pandemic.
Last week INTERPOL issued a warning to organizations at the forefront of the global response to the COVID-19 outbreak that they have also become targets of ransomware attacks, which are designed to lock them out of their critical systems in an attempt to extort payments.
To support global efforts against this critical danger, INTERPOL informed that they had issued a Purple Notice alerting police in all its 194 member countries to the heightened ransomware threat.
We (and others) warned at that time that “While INTERPOL’s alert does not mention ports, shipping and other critical maritime infrastructure, we believe that it too is or will soon be attacked in a similar manner by cybercriminals during this critical time of supply chain vulnerability.“