The attack, detected by the company, resulted in unauthorized access to part of the group’s information systems, with some systems subsequently encrypted. The intrusion also led to the download of certain data files, although the company did not specify the type of information involved.

The figure was cited by Naval Dome, an Israeli cybersecurity company previously mentioned on this site, notably here. Within this reported 400% increase, Naval Dome notes a rise in various forms of malware, including ransomware, as well as phishing attempts. These developments occur in a context where social distancing measures, travel restrictions, and economic difficulties have limited the ability of maritime companies to maintain their usual cybersecurity posture.

Beyond these official statements, very few details about the incident have been disclosed.

Since May 2019, the U.S. authorities have recorded numerous unlawful activities in the region. In two of those cases, GPS interference occurred at the same time as other suspicious events.

The policy reportedly covers several situations, including: crisis management in the event of ransomware attacks, data theft, incidents involving third parties, loss of connectivity following attacks on satellite communication links, as well as cases related to GDPR and the NIS Directive.

According to a report published by Lloyd’s of London in collaboration with CyRiM (see the video here and the full PDF report here), and relayed by the news agency Reuters, a cyberattack targeting Asian ports could result in losses of up to 110 billion dollars. This amount is roughly equivalent to half of the total economic losses caused by natural disasters in 2018.

It is worth recalling that Lloyd’s specializes in commercial risk insurance. Such risks are generally less insured in Europe and Asia than in the United States.

As mentioned in a recent article, the shipping company MSC was the victim of a cyberattack about a week ago. The incident disrupted the operation of its online booking systems for four days.

In a recent statement, the company confirmed the cyber origin of the incident, which affected several servers located in Geneva: “we have determined that it was a virus attack exploiting a targeted vulnerability.”

It is worth noting that the company shared information about the attack with its partners in order to reduce the risk of similar incidents occurring elsewhere.

According to Le Marin and other online sources, the shipping company MSC (Mediterranean Shipping Company), the world’s second-largest container shipping line, was reportedly affected by a cyber incident that disrupted its electronic booking system known as “MyMSC.” The incident occurred at a particularly difficult time, as the global shipping industry was already dealing with the effects of the COVID-19 pandemic.

Email services appeared to remain operational, but the company initially released little information beyond indicating that the disruption was likely related to a network outage in one of its data centers.

The website of the U.S. Coast Guard (which is involved in cyberspace issues, as mentioned in this article) reports that a U.S. maritime operator was impacted by the “Ryuk” ransomware.

This malicious code is not new. It first appeared in the summer of 2018 and has already affected numerous companies, such as Eurofins in the summer of 2019 or Prosegur more recently. As noted by CheckPoint, the malware is not particularly sophisticated from a technical perspective, but it specifically targets large companies and organizations with significant financial resources that may prefer to pay a ransom (which is not recommended and does not always work, particularly in the case of Ryuk) rather than lose several days of operations. As early as January 2019, it had already generated €3 million for its operators (source: Le Monde). In March 2019, the French cybersecurity agency ANSSI published both an alert bulletin and a news bulletin about this malware.