NotPetya Cybersecurity Attack On The Maritime Industry



27 June 2017, was a typical Tuesday unlike any other in Copenhagen, Denmark for global shipping conglomerate Maersk. It was business as usual. But in a short two hours, the leading shipping company’s world-wide operations would come to a grinding halt all because of one piece of code – NotPetya.

NotPetya origins and the intended victim

For decades, Russia and Ukraine have been fighting a cold war in which Ukraine has become the unfortunate guinea-pig of Russian cyber aggression. While Ukraine was the alleged target victim, the NotPetya cybersecurity attack had massive fallout which affected businesses around the world – including the Maritime industry.

State-sponsored Russian threat vector group Sandworm was behind the release of the virulent worm. Unsuspecting Linkos Group, a Ukrainian software business that housed servers responsible for pushing daily updates to computers was hijacked and used to launch the attack. NotPetya was designed to infiltrate computers in which a certain software – M.E.Doc – had been installed.

You see, M.E.Doc was the most widely used accounting software in Ukraine and subsequently made it easy to attack millions of Ukrainian devices in one single attack.  So in a second, any computer that had M.E.Doc installed regardless of where it was on the planet fell victim to NotPetya.

NotPetya’s extent of damage globally

The virus’s effects were felt all around the world and affected all sorts of businesses including pharmaceutical giant Merck, delivery company FedEx, and French construction firm Saint-Gobain to name a few. It was a nightmare that cost the world at least US$10 billion. The NotPetya cybersecurity attack has served to reveal the cataclysmic and overarching nature of cyber warfare. As cybersecurity fellow at the Atlantic Council Joshua Cormon mused, “Somehow the vulnerability of this Ukrainian accounting software affects the US national security supply of vaccines and global shipping.”

How NotPetya brought the Maritime industry to its knees

Despite not being the intended victim, the Maritime industry suffered an apocalyptic shutdown with the shipping company Maersk’s being the biggest victim. 574 offices spread out in 130 countries had to be shut down and thousands of computers unplugged.

The company’s fleet of 800 vessels working from 76 ports and responsible for the transfer of millions of tons of cargo on a daily basis was left stranded as none could dock and begin unloading. The disastrous consequences rippled across the supply chain affecting freight forwarding firms, trucking and logistics companies, and manufacturing industries waiting for deliveries.

The total loss suffered by Maersk came to a staggering US$300 million dollars. Many believe this is a watered-down figure and that the true cost of the NotPetya cybersecurity attack is known only by the company’s auditors. Regardless, this colossal number reflects the loss of a company that controls one-fifth of the world’s shipping industry. If one Maritime business lost so much, one can only wonder at the real damage that was done by NotPetya to the Maritime industry.

Object lessons derived from the NotPetya cybersecurity attack

Cisco director of outreach, Craig Williams speaking about the NotPetya cybersecurity attack said, “To date, it was simply the fastest-propagating piece of malware we’ve ever seen. By the second you saw it, your data center was already gone.” The Maritime industry had never seen anything like this.

A lot of questions have been raised about the attack with different viewpoints being expressed by CIOs but one point most security professionals agree upon is that a similar incident could very well happen again. The interconnected nature of global corporations only serves to compound just how easy it is to be attacked – even indirectly. Now more than ever, every industry whether energy, Maritime, medical, or financial needs to invest in next-generation cybersecurity solutions.

Actively manage cyber risk with Cybeta solutions

Where cybersecurity is concerned, businesses can never be overprotected. Cybeta is a pioneer of innovative cyber solutions that provide companies with tools to proactively manage and mitigate cyber risk. Contact us to learn how Cybeta’s solutions can help your organization build a robust cybersecurity program.