Shipping lines are at risk of potential cyber attacks from Russia, as the latter’s invasion of Ukraine continues.
The US Cybersecurity and Infrastructure Security Agency (CISA) has cautioned of new cyber attacks from Russia or pro-Russian groups reminiscent of the NotPetya assault from Kremlin-backed hackers in 2017. Among the NotPetya attack victims were Maersk and APM Terminals, disrupting their operations for a week. Other victims included FedEx’s European unit TNT Express and the total damage was estimated at US$10 billion.
Lars Jensen, CEO of shipping consultancy Vespucci Maritime, told that any cyber attack on a liner or port operator now will be more severe than in 2017, because of ongoing port congestion and tightness in shipping capacity.
Jensen explained, “Back then, the impact was manageable as there was plenty of overcapacity in both shipping lines and ports. Today, the problem is that all the supply chain congestion means there is no overcapacity at all – in fact, there is too little. A successful hit on a shipping line or a major port will therefore have a large impact on the supply chain.”
While having good cybersecurity protection is key to immunising a company against hacking, this is not something that can be done in the short term, said Jensen, who added, “It’s same as in all other industries. This is not something you can do overnight as it is a long process involving not just IT but also the business processes and people’s behaviour in the companies.”
South Korea’s flagship liner operator HMM, which suffered a cyber attack on its email systems last June, told Container News that the company is monitoring the situation in Ukraine and ensuring the continuity of customers’ supply chains.
“As the threat of cyber attacks on companies has increased in recent weeks, HMM has strengthened preventive measures to protect IT systems and customers’ information, and conducts 24-hour monitoring by raising the level of vigilance against cyber attacks,” said HMM’s spokesperson.
Additionally, Xeneta’s chief analyst Peter Sand told that the Russia-Ukraine conflict heightens the risk of cyber attacks on all companies which have taken an anti-Russia position.
He pointed out that “if one doesn’t stay neutral or support Russia – like some liner companies not calling Russian ports anymore, there’s an elevated risk of attacks from pro-Russia hacker groups.”