BW Group steps up cyber security after IT infringement

BW Group stepped up cyber-security measures after a hacking attack in July. Credit: Shutterstock
BW Group stepped up cyber-security measures after a hacking attack in July. Credit: Shutterstock

Oslo and Singapore-based BW Group was hit by an apparent hacking attack in July, but the shipowner said it suffered no lasting damage to its operations and has since stepped up cyber security.

There was an unauthorised access to the company’s systems, a BW spokesperson told IHS Markit, and action was taken to rectify the matter.

“Internal and external communications to customers and stakeholders were not impacted and it was business as usual with some inconveniences as we worked around planned system downtimes as our IT department, with the assistance of external consultants, reinforced our cyber-security infrastructure.”

As vessels are increasingly connected to the internet, the maritime sector has grown more aware of cyber threats and security issues, especially after a cyber attack on Maersk in June.

The world’s largest container ship operator fell victim to the NotPetya virus on 27 June, which affected multiple company websites and caused disruptions worldwide at Maersk’s terminal operator subsidiary, APM Terminals. The liner carriers and alliances that feed into them were also affected.

According to Lars Jensen, CEO of security firm Cyber Keel, the NotPetya virus essentially overwrites the master boot record. That means that the infected computers and systems will not be able to start, and the user will not be able to access files, with re-installing data from scratch the only remedy.

Maersk managed to resume key applications by 3 July, but continued to “[work] towards a normal state of business” in the week after. In the interim, the company opened secure links that were isolated from the Maersk network, for customers wanting to book cargo.

The incident was part of an international attack hitting large companies and government organisations across Europe, Russia, and the United States. The case was made high-profile by the extent of Maersk’s operations and experts called it a wake-up call for the maritime sector, particularly in the area of cyber-risk management.

Have you registered for our Cyber Security webinar on October 19?