MSC informed its customer on April 10th, 2020, that their website www.msc.com and myMSC customer and vendor portal is not available to some of its data centers due to a network outage.
At the time, MSC did not notify that a malware caused the incident and provided no further information.
What is the situation now?
The MSC has resolved the incident. The website and portal are back online. On Wednesday, MSC posted a statement and a FAQ related to the outage in which it confirmed that it had been a victim of a cyberattack.
The company said that after a thorough examination, they have verified that the attack was restricted to a limited number of physical computer systems in Geneva only. The company also added that they have the malware attack was based on an engineered targeted vulnerability. They said that they had shared the facts as per industry measures with our technology partners so that mitigations could be made available to the company and its partners alike.
Was it a Ransom Attack?
While it could also have been a ransomware attack, the company did not share any information about the malware used for the attack. It stated they would not provide any additional information at this point. The company said the attack had affected their business in a limited way. MSC has found no evidence on whether or not their data is compromised or stolen due to the incident.
It is essential to point out that is this was a Ransom attack, some Ransom operators would have been stealing data from a compromised system and saving clients encrypted files for the sake of blackmailing and collecting Ransom
Was MSC operational during the attack?
According to the company, during the network outage, MSC's global agencies and its people around the world remained serving customers as usual in most cases. All MSC departments, terminals, depots, etc. operated without disruptions, and the incident posed no threat to parties engaging in business with the company.
MSC is not the only shipping company that was hit by cyberattacks in recent years. Denmark based Maersk, Chinese stated-owned COSCO, and Australian based Toll Group are also in the list of the companies hit by malware. The rising number of malware attacks deems the adoption of new information security measures necessary for all shipping company giants.