As Maersk Line, Cosco Shipping, CMA CGM were hit

A cyber attack on the the International Maritime Organization, IMO, data systems and internet services is a wake up call on all its members states, maritime service providers, shipping companies to up the ante in safe keeping their data and all information on their operations/services.

The IMO said its London headquarters has been hit by a cyberattack that brought down its website and internal web-based services.

Kitack Lim, IMO Secretary General

The regulator was hit “by a sophisticated cyberattack against the organization’s IT systems that overcame robust security measures in place,” the IMO said on Thursday. “IMO technicians shut down key systems to prevent further damage from the attack.”

The hack was the latest in what appear to be a increasing number of cyberattacks on companies and organizations around the world this year. It follows a malware attack that hit containership company CMA CGM last weekend, crippling the French carrier’s booking and electronic communications network.

The IMO’s main website has been down since Wednesday, and the organization said it is working with U.N.’s information technology and security experts to restore systems as soon as possible.

While security experts at the IMO and CMA CGM said they believe the two incidents are probably unrelated, the frequency of cyberattacks against the maritime sector has increased this year, underscoring weaknesses in security systems at companies that are major carriers of global goods trade.

“Shipping has been relatively slow in taking the threat seriously,” said Lars Jensen, chief executive of Copenhagen-based SeaIntelligence Consulting and maritime security adviser to cybersecurity firm Improsec. “The industry is a relatively latecomer to take measures to defend itself and that makes it the easiest prey in the Savannah for criminal gangs.”

The IMO has written guidelines for tougher cybersecurity defenses for ports and vessel operators that are set to take effect in January.

The attack on the maritime group follows a series of breaches of technology networks that have hit the world’s four largest container shipping lines in recent years, along with other big freight operators.

The largest of those came in 2017 when Denmark’s Maersk Line, the shipping unit of A.P. Moller-Maersk (the world’s biggest container operator), was hit by the global NotPetya ransomware attack that crippled the carrier’s operations for a time. It cost the carrier $300 million to repair the damage.

Chinese container line Cosco Shipping Holdings Co. was hit by a cyberattack in 2018 and Geneva-based Mediterranean Shipping Co. suffered a network outage earlier this year that was believed to be the result of a cyberattack.

Although nation-state hackers may have specific political or military objectives for cyberattacks, the majority of ransomware and other intrusions are financially motivated. Regulators such as the IMO often hold valuable data on individuals and companies, making them a target.

Cyber attacks are not new threats but the attack on IMO must serve a a wake up call on the entire global maritime community to rise up to the challenge and secure their operational systems firmly.