Clarkson Platou Cybersecurity Attack

Clarkson Platou cybersecurity attack


Distinguished shipbroker Clarkson PLC needs no introduction. As the world’s leading integrated shipping services provider they started the decade off on a high note with a series of high-profile acquisitions. The company acquired engineering giant Gibb Tools in 2013 and achieved a historic $440 million dollar merger with rival RS Platou to form the indomitable Clarkson Platou. The Clarkson Platou cybersecurity attack of November 7, 2017, would soon cast a shadow, however, over the conglomerate’s streak of good fortune placing the company on the growing list of maritime corporations that have been recently affected by cybercrime.

Nature of the Clarkson Platou cyberattack

Unlike the NotPetya attack which was indirect but still devasted Maersk and cost the company an eye-watering $300 million dollars, the Clarkson Platou cyberattack was deliberate.

Unauthorized third parties gained entry into the company’s network via a compromised user account. The objective of the attack was to steal sensitive information and use it to demand a ransom. Company data spanning six months was copied by the cybercriminals.

As soon as the breach was discovered, Clarkson Platou responded quickly, launching a comprehensive investigation into the incident. The firm refused to negotiate and settle and instead went on the offensive alerting key stakeholders about a potential compromise and leak of their personal information.

Following the attack, Andi Case, CEO of Clarksons released a statement, “Issues of cybersecurity are at the forefront of many business agendas in today’s digital and commercial landscape, and despite our extensive efforts we have suffered this criminal attack.”

“We’re working closely with specialist police teams and data security experts to do all we can to best understand the incident and what we can do to protect our clients now and in the future. I hope our clients understand that we would not be held ransom by criminals.”

Clarkson Platou cyberattack ramifications

Clarkson Platou’s forensic investigators were able to track and successfully recover the illegally copied data. The company’s stock wasn’t so fortunate. Traded on the FTSE 250, FTSE All-Share, FTSE 30 and FTSE 350 Low Yield indices, Clarkson share price fell by more than 2% following the cyber incident announcement.

Individuals who do business with Clarkson Platou were notified of the incident as their personal information including names, date of birth, Social Security number, and addresses may have been compromised. Clarkson Platou arranged to enroll affected parties in a one-year identity protection service free-of-charge. Victims were advised to alert their banks about the recent incident and ask their banking institutions to issue a ‘fraud alert’ on their files.

It is to Clarkson Platou’s credit that despite this being a ransom-oriented attack, they did not give in to pressure and pay the perpetrators any money.

What is behind the recent increase in maritime attacks?

The Clarkson Platou cyberattack is not an isolated incident. In fact, 2017 alone saw Maersk and Clarkson Platou both suffer major data breaches. The following year, COSCO was attacked and just recently Anglo-Eastern was also held ransom in May 2020. Why the sudden increase in cyberattacks in the maritime industry?

Traditionally, the maritime industry had been by and large spared of cybercrime because of the low adoption of technology. However, things are changing and the advent of technology has ushered in a new threat to the industry.

Speaking at a cybersecurity seminar held on September 10, 2019, non-executive President of Clarkson Research Services, Dr. Martin Stopford had this to say, “In the last 40 years it has not been easy to keep in touch with a fleet of ships around the world. But a new generation of satellites is now making it technically possible to manage a fleet of ships as a single business in a way that wasn’t possible previously. But the more you do this, the more you’re vulnerable to cyber-attacks…”

Get started with innovative cybersecurity solutions

It is clear to see that the maritime industry needs to begin implementing new security measures. As you worried about your company’s security level? Contact us for a risk assessment and customized maritime cybersecurity solutions.