Chinese shipping giant COSCO suffered a suspected ransomware attack on Tuesday, July 24, causing a breakdown of its networks and systems in its North American Operations and slowing electronic communications.
Reports from the trade press citing internal emails suggest the company suffered from a ransomware attack and have asked staff not to open any ‘suspicious’ emails, but the official statement released on Wednesday makes no mention of malware.
The advisory claims that the network breakdown is causing email and network phones to not work properly and as such, they’ve shut down the connection with other regions for further investigation. It states that the main business operation systems have not been impacted by the attack and that business in the affected regions is still being seen through. The ‘network breakdown’ has left COSCO’s US website offline ever since.
The carrier’s overseas offices were forced to contact customers by phone and “hard-copy transmissions”, taking up valuable resources and time to communicate with its customers.
While the attack does not appear to be as severe, it is a reminder of the notorious NotPetya attack of June 2017 that forced Danish shipping giant AP-Moller Maersk to shut down operations for several days and cost the company over $300 million in losses.
The FBI received only 1,783 ransomware complaints in 2017 compared to 2,673 in 2016, so in general ransomware attacks are on the decline, but it’s important to always be prepared to defend against an attack as the potential impact ransomware can have can be devastating for any business.
NNT suggests implementing a sophisticated Breach and Host Intrusion Detection solution that will forensically evaluate normal operations within your IT systems and applications and alert you of unauthorized or suspicious changes that could be potential malware. This coupled with NNT’s Ransomware Mitigation Kit will help protect your organization from being the next victim.