“Maersk has said that it has opened secure links with no connection to its systems for customers wanting to book cargo.
The company explained that the links have been isolated from the Maersk network, authenticated and cleared by security and pose no risks to customers’ systems. However, there may be some difficulties in booking dangerous cargoes. Rates remain the same as those posted before the attack, the Danish group added.
In a statement released late on 29 June, Maersk said that all bookings taken before 08:00 hrs on 27 June have been secured and that it will send equipment out. It added that there was no need to make replacement bookings.
Maersk is still battling to reinstate systems that were hit by the Petya ransom-ware attack on Tuesday 27 June. The company has had some success in enabling customers to book cargo via the INTTRA portal, for those with an existing account.
According to the statement, bookings will take a little longer but are now possible.
One large customer, freight forwarder Kuehne+Nagle, confirmed that it was now able to book cargo with the line. However, a Maersk spokesman told IHS Markit that the information offered by Reuters that “Maersk said it was using alternative channels to take orders manually and to communicate with customers until it could resolve its IT problems,” was incorrect and should be ignored.
K+N global head of seafreight Otto Schacht explained to IHS Markit that the forwarder is now able to book its cargo directly with Maersk through the operational platform that K+N has used for the past 18 years.
“We have had no major problems with our operations. We have been speaking to Maersk regularly and we are being patient [for systems to be restored],” said Schacht.
A lack of information from the line remains a concern and Maersk has reiterated that it does not know when its systems will be able to return to normal.
The company did, however, confirm that a number of IT systems had been “deliberately shut down across multiple sites and select business units, also impacting email systems. Business continuity plans are being implemented and prioritised.”
It added, “Our focus is on ensuring the best business continuity possible for our customers and business partners. We are collaborating with IT experts including national cyber-crime agencies and IT industry leaders, to reinstate services safely and without further disruption.”
APM Terminals says that most of its terminals are now operational, there is no detail of which facilities remain closed, but the company said some of these facilities are working more slowly and with limited functionality.
Meanwhile, Damco, AP Møller’s logistics provider, has limited access to some systems. “A business continuity plan has been deployed with a key focus on protecting customers’ cargo flows,” the company said.
Gideon Lenkey, director of technology at EPSCO-Ra cyber-security specialists, said that it appeared that Maersk was struggling to clear the virus from its systems.
He suggested the severity of the attack will depend on how well Maersk has set up its systems to deal with this type of malware. Asked if this meant that Maersk had not used the patches designed to protect their systems, he replied, “Not using patches is one way that they could be vulnerable to it.”
Lenkey praised Maersk for sharing information about the attack. He said most companies hit by cyber-attacks tend to keep quiet and that should be a concern for the industry because then “the industry does not perceive that there is a problem and so the industry suffers”.
More on the Maersk attack