- After suffering a severe malware attack, Maersk Line has petitioned the Federal Maritime Commission for an exemption from service contract filing, American Shipper reported Tuesday.
- The exemption, filed on June 30, is for 20 days, during which Maersk would gain relief from service contract filing rules. Language within the petition states that the virus severely impaired its information systems, rendering the Line unable to determine which service contracts and/or service contract rates expire in late June or early July.
- The 20 days of relief will allow Maersk to regain access to its service contract database, and enable it to identify expiring contracts/rates plus obtain agreements from shippers regarding the disposition of their expiring contracts and rates.
Roughly 76 ports worldwide were affected as a result of the attack on Maersk, including those in Spain, Los Angeles, New Jersey, India, and the Netherlands. Port operators experienced slowdowns as workers resorted to manual methods of operation. APM Terminals, which are owned by Maersk, said a “majority” of its terminals were operational by late afternoon on June 28 in New York, though some were operating slower than usual and with limited functionality, according to Bloomberg. At the Port of Los Angeles, the Maersk-affiliated terminal shut at 6 a.m. local time Tuesday the 27 and remained closed the following day, according to Phillip Sanfield, a spokesman.
While cybersecurity has been an issue for a while, the latest ransomware hit against Maersk has turned out to be much more serious than originally thought. Not only is Maersk still reeling from the attack more than two weeks later, but it is now unable to follow service contract rules. This may harm investor relations, but it also shows that Maersk is still a very long way off from recovery. Shippers who use Maersk should be aware that this may indicate Maersk's day-to-day operations will be continue to be slowed or impaired for the foreseeable future.
Maersk is also a warning to other shipping lines and companies that may have outdated IT systems or cybersecurity systems. While cyberattacks are always a warning to untouched companies, attacks like this one should be a wake up call: Faulty cybersecurity can allow an attack to seriously damage a company's supply chain, so other companies should invest in better cybersecurity now, while they still can.