UPDATE: April 15, 2020: MSC's website and MyMSC are back up and running, after a network outage at the carrier's Geneva headquarters beginning Thursday.
"We determined that it was a malware attack based on an engineered targeted vulnerability," a notice on the Swiss container line's site stated. It said it is not aware of any lost or compromised information.
Cargo continued to flow throughout the outage, and terminals operated without disruption, MSC said.
- A network outage continues to plague MSC's headquarters in Geneva, affecting internal data processes, MSC.com and MyMSC. The latter is a shipper portal for booking, managing and tracking shipments. MSC first tweeted about the outage Friday.
- "All MSC departments, terminals and depots are serving customers regularly and cargo is flowing without interruptions," the Swiss container line tweeted early Monday morning local time. Shippers can still book via email, phone, GT Nexus or Inttra, the carrier said.
- "We cannot rule out entirely the possibility of a malware," MSC tweeted Friday but has not offered further clarity on the possibility of a cyberattack since then.
We’re working towards full recovery in the shortest time possible.— MSC Cargo (@MSCCargo) April 10, 2020
More than 72 hours have passed since MSC first tweeted about an outage, yet shippers and industry stakeholders still have little clarity on the cause of the outage or an estimate of when the website will be back up and running. The container line said it will continue to issue regular updates.
The possibility of a cyberattack brought back memories of the 2017 NotPetya attack on Maersk, which hampered terminal operations and cost the Danish company an estimated $250 million to $300 million. A portion of the losses stemmed from lost bookings in the Damco forwarding division.
During the Maersk outage, customers were still able to book via Inttra, Lars Jensen, CEO of SeaIntelligence Consulting, wrote on LinkedIn, just as MSC customers are able to do now. However, shippers cannot book directly through MSC's website or manage shipments through MyMSC.
"In a time where self-service electronic tools is seeing a rapid increase due to the pandemic this is unfortunate timing for MSC," Jensen wrote.
The outage comes as the ocean shipping industry continues to digitize operations, putting bookings and instant quotes online and leveraging emerging tools such as blockchain and IoT. MSC is signed onto Maersk and IBM's blockchain network, TradeLens, and is part of the Digital Container Shipping Association.
MSC has also equipped thousands of containers with IoT devices to track location, temperature and humidity. But as the industry adds connectivity, the touch points are also entry points for bad actors.
The NotPetya attack on Maersk in 2017 offered a lesson to the industry to make security a priority as digitalization advances and to keep communication open with freight forwarders and shippers affected by an outage. "The teams MSC has in place are working very hard to deliver a smooth operation," Otto Schacht, EVP Sea Logistics at Kuehne + Nagel, wrote on LinkedIn, noting the container line's CIO informed K+N "within minutes" of the outage and what to do.
The coronavirus pandemic "provides incentives and opportunities for criminal groups," Interpol warned last week, noting an increasing in cyberthreats such as malicious domains, malware and ransomware. Less tech-savvy industries, such as manufacturing and transportation, face greater risk of cyber breaches, which can operate in the background and go undetected for months, according to a Verizon report.