July 24, 2018: COSCO Cybersecurity Attack

COSCO_SHIPPING_VESSEL

 

Chinese state-run shipping company, COSCO Shipping Holdings, Co., was the target of a cybercrime carried out on Tuesday, July 24, 2018. The carrier which had acquired Orient Overseas Container Lines and subsequently inherited a container terminal at the Port of Long Branch, California earlier in the year said the nature of the attack was a network intrusion by an unauthorized third party.

COSCO cybersecurity attack ramifications

Communication lines between vessels and ground crews and customers were cut off in the American region. Company operations outside the United States weren’t as adversely affected as those within the country.

COSCO released a statement in the wake of the incident, “We are glad to inform you that we have taken effective measures. Except for the above regions affected by the network problem, the business operation within all other regions will be recovered very soon. The business operations in the affected regions are still being carried out, and we are trying best to make a full and quick recovery. We will keep you updated on the latest progress through various channels.”

They did not however share how much this ransomware incident cost them.

COSCO cybersecurity attack, not an isolated incident

The COSCO cybersecurity attack is a reminder to every maritime business of the growing dangers posed by cyber threat vectors. The number of maritime firms falling victim is worrying. Already some of the biggest names have fallen prey – Danish shippers AP Moller – Maersk, Hong-Kong based shipbrokers Anglo-Eastern, and British shipping giant Clarkson Platou.

These attacks are not isolated incidents but reflect the signs of the times. The widespread adoption of digital technology systems has opened these maritime businesses to threats from various entities. Common threat vectors include foreign state agents, hacktivists, and general cybercriminals.

How can maritime businesses protect themselves?

According to cybersecurity specialist Paul Herbka, the first step to preventing incidents such as this COSCO cybersecurity attack is to get excellent maritime cybersecurity systems: “Security in IT is like locking your house or car – it doesn’t stop the bad guys, but if it’s good enough they may move on to an easier target.”

In addition, no cybersecurity strategy is complete without cyber insurance. Threats are real and companies that pretend that they aren’t are only setting themselves up for costly damage control situations – just ask Maersk whose indirect cyber incident cost them a whopping $300 million.

Cybeta paving the way with innovative maritime cybersecurity solutions

Cybeta prides itself on providing practical safe and secure customized solutions for maritime businesses. Our team is made up of US intelligence-trained experts boasting decades of experience working for the Department of Defense and various US National Intelligence organizations. Contact us for tailored cybersecurity solutions.