News / Maersk still feeling effects of cyber attack, but FMC provides breathing space

© Igor Stevanovic

Maersk is to conduct a “full post-mortem” on last month’s Petya cyber attack that crashed its global computer information systems.

It said today enquiries would begin “once our service has returned to more normal conditions”.

It said it had put in place “different and further protective measures” – details of which it declined to share – in response to the new type of malware virus that had breached its own and Microsoft’s antivirus updates and patches.

In a customer advisory, Maersk said that no data loss to third-parties was known to have occurred, to date, and again sought to reassure worried customers that the virus has not spread “between networks or across the internet”.

Meanwhile, the US Federal Maritime Commission (FMC) has granted Maersk Line a 20-day exemption from service contract filings after it accepted that the attack had “severely inhibited” its computer systems, rendering the carrier unable to determine which service contracts and rates were scheduled to expire.

The temporary exemption runs from the date of Maersk’s 30 June petition to the FMC, which the carrier said should provide it sufficient time to regain access to its contract database.

FMC commissioner William Doyle explained: “Basically, by granting the petition, Maersk will not require customers to pay higher tariff rates to shipments tendered during the 20-day period, but rather, this action permits Maersk to apply service contract rates to such shipments that were agreed upon and filed after the date of cargo receipt without violating the Shipping Act.”

Mr Doyle also took the opportunity to urge others in the supply chain to tighten up their IT system protection.

“This cyber attack happened to Maersk, the largest ocean carrier in the world. If it can happen to them, it can happen to anyone,” he said.

The Loadstar reported yesterday on the impact of Petya on FedEx subsidiary TNT Express, which included immediate operational disruption, inability to invoice and customer loss.

Maersk has only just started to invoice its customers, with anecdotal reports to The Loadstar suggesting that the carrier is far from over the crisis that clearly had a significant impact on its trading since the cyber attack.

Maersk is understood to be coming under pressure from shareholders to provide more information on the financial impact of the attack. It will publish its second-quarter and first-half interim report on 16 August.