Cosco’s staff across the Americas have resorted to using Yahoo email addresses and social media to keep in touch with clients as the Chinese carrier grapples to get operations on track following a ransomware attack on Tuesday morning. Though banned in China, sites such as Facebook and Twitter have become vital client communication tools for Cosco’s American staff in recent days. The cyber attack is believed to have started at a customer service centre in Long Beach and spread across Cosco’s US network and then the entire Americas region.
While each region was isolated from Cosco’s global Shanghai server after the breakdown in the Americas, each region bar the Americas has since been reconnected.
“[W]e are trying our best to investigate and fix the network problem in the Americas and it is expected that the network applications will be gradually back to normal soon. We have implemented contingency plans, such as transferring operations and conducting operations via remote access in order to ensure continuous service in the Americas. During the network failure period, there could be delays in service responses in the Americas, and we are expecting your kind understanding,” Cosco said in a statement yesterday.
Cosco has stressed to customers that it is safe to keep contact with the company via its website, emails, EDI, or CargoSmart.
Commenting on the attack, Itai Sela, the CEO of cyber security specialists Naval Dome, said: “Although Cosco has been quick to respond to this hack, the virus may have been dormant for some time, so I would not be surprised if other systems – shore- and ship-based systems – have been breached… We strongly recommend to whoever discovered the attack, to thoroughly verify the breach has been contained and has not infected any ships in the Cosco fleet.”
The high profile attack follows on from last year’s ransomware attack on Maersk. Sela has called for regulators to implement workable rules and guidelines to help shipping defend itself properly.