Incident Of The Week: Cosco Shipping Faces Ransomware Attack

Warns Other Regions Not To Open Suspicious Emails



Dan Gunderman
07/27/2018

In the dynamic world of cyber security, breaches are both tightly guarded and, sadly, imminent.

Combing through data, market research and threat-defense efforts taken by enterprises can be a daunting task. Here at Cyber Security Hub, we both track the latest industry news and make it more navigable for the IT professional. Cyber Security Hub coverage extends outwards – as it helps enterprises batten down their proverbial hatches.

In this edition of “Incident of the Week,” we examine a cyber-attack on the American region of China’s state-run shipping company, Cosco Shipping Holdings, Co. It’s not the first time a top, global shipping company fell under the crosshairs of black hats either, as last year Danish shipper A.P. Moller-Maersk fell victim to the NotPetya malware strain.

On Tuesday, July 24, 2018, Cosco was targeted, yet the company said the incident has not disrupted global shipping operations, according to the Wall Street Journal.

A customer advisory on its Facebook page from Wednesday read: “So far, all vessels of our company are operating normally, and our main business operations are stable.”

See Related: Incident Of The Week: LabCorp Hit With 'SamSam' Ransomware


Photo: VladSV/Shutterstock.com


The cyber-incident has been chalked up to a “local network breakdown” in the Americas region, which impacted email and telephone. In a remedial step, the company cut communications with other regions, although operations were maintained.

According to the WSJ, the cyber-attack comes just shortly after it acquired an Asian rival, Orient Overseas Container Lines, which left Cosco with control of a container terminal in Port of Long Branch, Calif. There, operations are believed to have been carried out normally.

A spokesman said they have yet to see effects, although the company is taking the threat seriously.

See Related: Incident Of The Week: 21M Users Affected By Recent Timehop Breach

Last year, the Cyber Security Hub reported on the similar attack on Maersk. At the time, officials estimated that the attack would cost the company hundreds of millions of dollars.

The 2017 article read: “In its August financial report, (Maersk) confirmed that it felt a significant loss in Q2 because of the ransomware. In a statement, it said that Maersk Line, APM Terminals and Damco were affected by the ransom-demanding plague.”

It continued, mentioning that business volumes were negatively affected by the attack and that overall, it could “impact results by $200-300 million.”

In the recent Cosco attack, the company reportedly warned employees in other regions not to open suspicious emails and urged its IT staff to perform a sweep of the internal networks with antivirus software, according to Bleeping Computer.

Overall, though, the same report indicates that the “Cosco incident is much smaller in size and nature compared to Maersk’s NotPetya troubles.”

Be Sure To Check Out: Incident Of The Week: Ticketmaster U.K. Data Breach Impacts 40K

RECOMMENDED