COSCO Shipping Lines Back to Normal after Cyber Attack

“All communication channels including telephone, email, and electronic data exchange have been restored. There has been a further increase in our service response. We are working at full stretch to process all the service requests received previously, and the service response is expected to be back on track within this week.

“Global networks of COSCO Shipping Lines are safe and stable, and our global business operations are steady and orderly,” the company said in an update.

Initially, it was reported that the customer service platform at COSCO’s terminal at the Port of Long Beach was targeted by hackers. Nevertheless, the company later said that the network breakdown affected offices across the American continent.

The network failures affected areas included the United States, Canada, Panama, Argentina, Brazil, Peru, Chile and Uruguay. However, the company’s ships were not affected and continued operating as normal.

Commenting on the cyber attack, Naval Dome CEO Itai Sela said that the incident was very worrying.

“While COSCO shut down its connections as a precautionary measure, we have to emphasize that ships are not islands, they are not self-contained units. This is a mistaken belief. Shore- and ship-operations are cyber-connected,” he said.

“If shore-based and ship-based IT systems are linked, it could open a gateway to the COSCO ships, leaving them highly susceptible to an attack. Vessels do not need to be attacked directly but an attack can arrive via the company’s shore-based IT systems and very easily penetrate the ships’ critical OT systems.

Although COSCO has been quick to respond to this hack, the virus may have been dormant for some time, so I would not be surprised if other systems – shore- and ship-based systems – have been breached.

This kind of attack could spread through the entire fleet and its consequences might be devastating, and certainly costly, especially in terms of insurance. We strongly recommend to whoever discovered the attack, to thoroughly verify the breach has been contained and has not infected any ships in the COSCO fleet.

This cyber-attack, like the Maersk attacks last year, will no doubt send shockwaves throughout the industry and encourage board members to take immediate, effective protection. Regulators need to implement workable rules and guidelines to help this vitally important global industry defend itself properly.”