Little risk of spreading to other regions or repeating a Maersk-style meltdown
THE IT problems that have been affecting Cosco’s operations in the Americas are continuing, though vessel operations are unaffected and bookings can be processed through its website and electronic data interchange — the EDI channels.
“Our main business operation systems are performing stably,” Cosco said in a statement on its website. “But email systems in the US, Canada, Panama, Uruguay, Chile and Peru are temporarily unavailable. Internet phone systems in US, Canada, and Panama are temporarily shut down.”
In the UK, the company’s websites remain down.
Cosco told Lloyd’s List the UK websites had been closed to direct customers to its global site instead.
To date, the impact of the problem, which is thought to have been a ransomware attack on its US networks, has been low.
One Chinese forwarder using Cosco services told Lloyd’s List the impact had been minor.
Unlike Maersk, which was hit last year by the NotPetya ransomware attack, and which had an integrated global network, Cosco has several networks divided by different regions.
This decentralisation appears to have helped prevent a more serious spread of the attack.
“For now we do not seem to be looking at a Maersk-like scenario as the attack has not immediately spread to all countries,” CyberKeel chief executive Lars Jensen told Lloyd’s List.
“This could be due to one of three different things. Either the attack is quite specific and applicable to only a few places, or because Cosco has configured its systems deliberately for defence-in-depth to prevent an attack from spreading. But it could also be that Cosco’s systems are quite disjointed and hence by happenstance also tend to provide defence-in-depth.”