News / Cyber attack victims Maersk and TNT find ways to keep customers' cargo moving

© Amy Walters

Maersk, APM Terminals and TNT are working hard to get their operations back on track as they enter the third day of the Petya cyber attack.

TNT this morning acknowledged it was experiencing “interference” and said it was implementing remediation steps. It is unable to collect dangerous goods shipments.

“We have implemented operational contingencies to continue to complete collections from customers with scheduled stops. For customers who do not have a regular stop, collection should be arranged via our customer service centres.

“Customers may experience delays in the transit of shipments, particularly inter-continental or non-EU European delivery, as we work to remediate our systems. Additionally, if customers do not have the facility for self-labelling, they may also experience delays,” it said on its website.

It added in a statement that the financial impact could be “material”.

According to software provider CargoSmart, 11 of APM Terminal’s facilities have not received ships since the attack, but the majority of the terminals are now back up and running, albeit with some delays or “limited functionality”.

CargoSmart did acknowledge, however, that “it may be the case that some terminals are less busy, and it is normal to have zero vessels arrival in two days. On the other hand, the terminals in Nhava Sheva, LA, Mobile, and Callao should have had more vessel arrivals when we compare the recent data with its 14-day average data”.

Potentially affected terminals: CargoSmart

Maersk, meanwhile, the highest-profile casualty, is now accepting bookings again via INTTRA.

“A number of IT systems are deliberately shut down across multiple sites and select business units, also impacting email systems. Business continuity plans are being implemented and prioritised,” it said on its website.

“We continue to assess the situation. Until this analysis is complete, we cannot be specific about how many sites and locations are affected or when normal business operations are restored. The aggregate impact on our business is being assessed.”

It said it was collaborating with cyber crime agencies. All its vessels are “under control” and according to CargoSmart, about 73% of its vessels are running normally. It has a public tracker, showing all vessel locations and ETAs at the next scheduled port.

Damco, Maersk’s forwarding subsidiary, has “limited access to certain systems”, but its business continuity plan aims to keep customers’ cargo flowing, it said.

The fallout will depend on how often Maersk backed up its systems, according to Lars Jensen, CEO of CyberKeel. If it is just once every 24 hours, there could be some chaos to come, he warned.

CyberKeel, meanwhile, said it had been examining the code used for the attack, which, it thought, stemmed from a government agency rather than hackers.