10 July 2017 09:47 am
Global shipping giant A. P. Moller-Maersk (Maersk), which is also the market leader in Sri Lanka, appears to have dealt with the recent mass cyber-attack smoothly in Colombo, shipping industry sources said.
A massive cyber-attack last week left Maersk’s suite of 1,500 digital applications down and thousands of clients across the globe were unable to
receive shipments.
A source who wished anonymity said that the local Maersk office had worked well overtime using manual documentation processes to load a Maersk ship, which had called on Colombo, and that deliveries which were the main concern, are now being handled.
Sri Lanka is a heavily import-dependent economy, and Maersk controls the largest share in the shipping market by a wide margin, according to the source.
The local Maersk arm in a comment said that interested parties should refer to its websites in order to get updates on the situation.
The websites stated that tracking and shipment binders are now online, and that other systems are being made operational as fast as possible. Maersk ships one in seven containers worldwide.
Institute of Chartered Shipbrokers Former Chairman Maxwell de Silva said that the attack on Maersk was a wakeup call for the entire shipping industry.
“Cyber security has to be taking more seriously, and there needs to be proper backup systems,” he said.
CICRA Director/CEO Boshan Dayaratne, a leading cyber security specialist, said that the attack on Maersk was done using a platform similar to the Petya ransomware.
“These malware go into the administrative computers of a network and hold the entire system hostage. From what I can tell, this attack was done using a platform similar to the Petya ransomware, but I didn’t hear that they were held for ransom,” he said.
He said that usually, such an important administrative computer is restricted from entering many websites, installation of software, and administrators are advised not to connect devices such as USB drives.
“But the safeguards go down if a user doesn’t know how to use the computer with the proper safeguards. Sometimes a person with administrative privileges may take such a computer abroad, and connect to unsecure networks, or use a USB drive,” he said.
However, he noted that with the Maersk attack the surprising aspect was how the virus had taken down the entire global network.
“Usually, networks are containerized, so that a virus in a company’s networks in another country won’t spread to Sri Lanka. So, this is a disaster. I don’t know whether Maersk had containerized and if that didn’t work. If they hadn’t containerized, they weren’t following basic security protocols,” he said. (CW)