A CMA CGM container ship in Le Havre, France. Picture: REUTERS/BENOIT TESSIER
A CMA CGM container ship in Le Havre, France. Picture: REUTERS/BENOIT TESSIER

London — Two key players in the global shipping industry are trying to restore computer networks and assess the damage from separate cyber-attacks this week that are adding short-term complications to supply chains already straining ahead of peak season for consumer demand.

The International Maritime Organisation (IMO), a UN agency that serves as the industry’s regulator, said on Thursday it suffered “a sophisticated cyber-attack against the organisation’s IT systems.”

The breach affected its public website and internal systems, it said. The IMO’s web page remained down on Friday morning in London.

That attack followed the disclosure earlier this week by closely held CMA CGM, the world’s fourth-biggest container liner, that its information systems were compromised. The France-based company said on Thursday that offices are “gradually being reconnected to the network, thus improving the bookings’ and documentation’s processing times.”

“We suspect a data breach and are doing everything possible to assess its potential volume and nature,” the company said in an e-mailed statement. CMA CGM is among the world’s five leading container liners that account for 65% of global capacity, according to Alphaliner data.

A ‘headache’

There’s no evidence yet that the incidents are linked, but both disruptions are extensive and that possibility is being considered, according to a report by maritime intelligence service Lloyd’s List.

A rash of cyber-incidents has afflicted the shipping industry in recent years, the biggest of which was an intrusion that cost Copenhagen-based AP Moller-Maersk about $300m in 2017.

The Maersk incident “has clearly drawn the attention of scammers and cyber-criminals who realise that the shipping industry is acutely exposed”, said Ken Munro, a security specialist at Pen Test Partners, a cyber-security company with clients in the maritime industry. “If shore-based systems aren’t available to book containers, ships can’t be loaded and can’t generate revenue. Targeted attacks against shipping lines are therefore lucrative for ransomware operators.”

Maersk shares fell 1.7% Friday at 12.18pm in Copenhagen after reaching their highest level of the year on Thursday.

While it’s too soon to say whether the recent attacks will prove a brief irritant or something more damaging, logistics experts, such as Bloomberg Intelligence’s Lee Klaskow, say the cyber-threats are a “near-term headwind and headache, for sure”.

The timing of the latest acts of cyber-piracy is particularly bad for shipping liners still waiting to see some normalcy restored to their seasonal cycles. The pandemic threw supply chains out of sync for everything from paper towels to computer monitors, as consumers were forced to work from home and purchase necessities online.

Aboard ships, hundreds of thousands of crew members have been prevented from returning home to take time off because of travel restrictions.

“With 400,000 seafarers currently stranded at sea across the world, any further disruptions, be it cyber or otherwise, shouldn’t just worry the shipping community but every single individual involved in the global value chain,” John Stawpert, manager for environment and trade at the International Chamber of Shipping, said in an e-mailed statement on Friday.

The demand on shippers, which reduced capacity initially in anticipation of deep recessions caused by Covid-19 outbreaks, hasn’t really abated since lockdowns ended because e-commerce purchases have stayed strong and companies are restocking inventories.

As a result, the benchmark cost to move cargo containers across the Pacific has tripled since the start of the year.

Retail customers

According to a research note on Friday by Panjiva S&P Global Market Intelligence, “the hack comes at a potentially challenging time for CMA CGM’s Asia business, as retailers may be concerned about disruptions in the lead up to an already-uncertain peak sales season.” The shipper does significant business with retailers, including Walmart, Sunbeam Products, Michaels and Mattel, Panjiva S&P Global said.

Lars Jensen, CEO and founder of SeaIntelligence Consulting in Copenhagen, said that, as of Friday, he’s assuming the IMO’s problems are of “minor practical consequence”.

For CMA CGM, which is now in its fifth day of dealing with the breach, he noted that it took Maersk eight days to mostly restore functions and four to five weeks to recover fully. It was a costly interruption for the world’s biggest container liner but it didn’t create significant problems for the global supply chains, Jensen said, adding, “It appears for now that marine operations function for CMA CGM and therefore the main impact is more likely to be felt in CMA CGM’s commercial sections.” 

Bloomberg

Would you like to comment on this article or view other readers' comments?
Register (it’s quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.