Cosco Shipping targeted in ransomware attack

COSCO Shipping Lines, the container shipping arm of state conglomerate China Cosco Shipping Group, has been hit by a cyber attack that has disabled its IT systems in the US.

A customer notification from the company confirmed the breakdown of its networks and systems in the US, with services such as slot booking and emails being affected. The cause was not identified. An internal email to the company’s Chinese employees, seen by Lloyd’s List, stated that the overseas office had suffered a ransomware attack. It requested an inspection of computers with anti-malware software and ask staff not to open “suspicious” emails. A Cosco Shiping spokesperson said the cause of the systems failure was being verified.

Systems in CSL’s Chinese headquarters and offices outside the US were not affected, while operations of vessel terminals were normal, according to the notification.

CSL recommended US-related clients to submit booking requests, shipping instructions and amendments by using the e-commerce service on its website.

 “Some parts of your emails may be missed or delayed. Please keep tracing your shipment via ‘cargo tracking’ at our official website,” the company said.

It said it was assessing the incident and taking measures to minimise the impact of on business.

The attack comes a year after Maersk Line sustained a severe blow from a ransomware attack, which cost the Danish carrier up to $300m. Maersk’s terminal operating arm, APM Terminals, was severely affected by that attack, which saw operations at many of its terminals severely curtailed as the company struggled to regain control of key systems. Its fully automated flagship Maasvlakte II terminal was forced to stop operations for over a week.

Law firm Mishcon de Reya warned that the fragmented nature of shipping left it open to cyber threats and that the International Maritime Organization should take a lead in ensuring that the industry had stricter security standards.