Maersk Ransomware Attack has Potential to Disrupt ‘Tens of Thousands’ of Shippers, Warns Analyst

Maersk containerships seen off the port of Algeciras, Spain. File Photo: Port of Algeciras/Juan G. Mata

By Gavin van Marle in Amsterdam (The Loadstar) – The cyber attack on Maersk has the potential to throw global container supply chains into chaos, according to Lars Jensen, chief executive of maritime cyber security firm CyberKeel.

Update: Maersk Says Booking System Back Up and Running After Cyber Attack

Mr Jensen told delegates at the TOC Europe Container Supply Chain conference in Amsterdam today that the attack is likely to spread well beyond Maersk, its terminal operating arm APM Terminals, and its customers.

According to his calculations, Maersk’s shipping lines – Maersk Line itself, Safmarine, Seago, MCC Transport and Sealand – book 3,300 teu every hour, representing some $2.7m in revenue per hour.

At the point of writing that equated to at least some 82,500 teu and revenues of $67.5m – a combination of shipments caught up in ports and on vessels, and likely lost bookings.

“But there are other shipping lines that have boxes on board Maersk vessels – these will not be able to be unloaded; other lines use APM Terminals’ facilities; and even the third party terminals that are unaffected may well have piles of boxes on their facilities that will unable to be cleared,” Mr Jensen said.

The number of shippers affected could amount to the tens of thousands.

“If this goes on much longer they will start to be trying to book with other lines – but guess what, the shippers I spoke to today are being told by other carriers that we have entered the peak season and there’s no space on vessels,” he said.

One forwarder, however, told The Loadstar that due to the attack he was hopeful of getting space on a Maersk ship next month – at a good rate – that might otherwise have been booked. But another said it was a “serious issue”.

Mr Jensen said the attack illustrated the inherent digital weakness of the shipping industry.

“By no way does this imply that Maersk had insufficient security – if someone wants to hack you they will find a way.

“What it does mean is that shipping needs to build resilience into its digital products- it’s not about building a system and laying a security system over the top, but building security up front when you begin to develop a system, which I’m afraid is likely to cost more,” he said.

The Loadstar is fast becoming known at the highest levels of logistics and supply chain management as one of the best sources of influential analysis and commentary.

Check them out at TheLoadstar.co.uk, or find them on Facebook and Twitter.