Global Maritime Regulator Hit by Cyberattack

Date: Friday, October 2,  2020
Source: The Wall Street Journal

The International Maritime Organization, the United Nations arm that regulates global shipping, said its London headquarters has been hit by a cyberattack that brought down its website and internal web-based services.

The regulator was hit “by a sophisticated cyberattack against the organization’s IT systems that overcame robust security measures in place,” the IMO said on Thursday. “IMO technicians shut down key systems to prevent further damage from the attack.”

The hack was the latest in what appear to be a increasing number of cyberattacks on companies and organizations around the world this year. It follows a malware attack that hit containership company CMA CGM SA last weekend, crippling the French carrier’s booking and electronic communications network.

The IMO’s main website has been down since Wednesday, and the organization said it is working with U.N.’s information technology and security experts to restore systems as soon as possible. It said its email system is working.

Security experts at the IMO and CMA CGM said they believe the two incidents are probably unrelated. But the frequency of cyberattacks against the maritime sector has increased this year, underscoring weaknesses in security systems at companies that are major carriers of global goods trade.

“Shipping has been relatively slow in taking the threat seriously,” said Lars Jensen, chief executive of Copenhagen-based SeaIntelligence Consulting and maritime security adviser to cybersecurity firm Improsec. “The industry is a relatively latecomer to take measures to defend itself and that makes it the easiest prey in the Savannah for criminal gangs.”

The IMO has written guidelines for tougher cybersecurity defenses for ports and vessel operators that are set to take effect in January.

The attack on the maritime group follows a series of breaches of technology networks that have hit the world’s four largest container shipping lines in recent years, along with other big freight operators.

The largest of those came in 2017 when Denmark’s Maersk Line, the shipping unit of A.P. Moller-Maersk A/S that is the world’s biggest container operator, was hit by the global NotPetya ransomware attack that crippled the carrier’s operations for a time. It cost the carrier $300 million to repair the damage.

Chinese container line Cosco Shipping Holdings Co. was hit by a cyberattack in 2018 and Geneva-based Mediterranean Shipping Co. suffered a network outage earlier this year that was believed to be the result of a cyberattack.

Although nation-state hackers may have specific political or military objectives for cyberattacks, the majority of ransomware and other intrusions are financially motivated. Regulators such as the IMO often hold valuable data on individuals and companies, making them a target, said Paul Ferrillo, a partner at law firm McDermott Will & Emery LLP in New York with expertise in cybersecurity and data breaches.

“If you have membership data, if you have personal information, you have something to steal,” Mr. Ferrilo said.

Read from the original source