(LONG BEACH, Calif.) — The China Ocean Shipping Co. (COSCO) terminal at the Port of Long Beach was hit by a cyberattack on Tuesday, the Press-Telegram reported.
A spokesman for the Shanghai-based company acknowledged the ransomware attack but said that the company’s operations outside the United States were not affected.
The Journal of Commerce, citing COSCO Vice President Howard Finkel, reported that communications between the carrier’s U.S. operations and its customers had been slowed and were possible via telephone, but not electronically.
The situation doesn’t appear to be nearly as severe as the June 2017 cyberattack on Danish shipper AP-Moller Maersk, which was forced to shut down the terminal it operates at the Port of Los Angeles for three days.
Click here to read the story.
The following is a statement from Naval Dome CEO Itai Sela on the COSCO cyberattack:
“Reports that cyberhackers have successfully attacked COSCO’s Long Beach customer service center (are) very worrying indeed.
While COSCO shut down its connections as a precautionary measure, we have to emphasize that ships are not islands, they are not self-contained units. This is a mistaken belief. Shore and ship operations are cyberconnected.
If shore-based and ship-based IT systems are linked, it could open a gateway to the COSCO ships, leaving them highly susceptible to an attack. Vessels do not need to be attacked directly, but an attack can arrive via the company’s shore-based IT systems and very easily penetrate the ships’ critical OT systems.
Although COSCO has been quick to respond to this hack, the virus may have been dormant for some time, so I would not be surprised if other systems – shore- and ship-based systems – have been breached.
This kind of attack could spread through the entire fleet and its consequences might be devastating, and certainly costly, especially in terms of insurance. We strongly recommend to whoever discovered the attack to thoroughly verify the breach has been contained and has not infected any ships in the COSCO fleet.
This cyberattack, like the Maersk attacks last year, will no doubt send shock waves throughout the industry and encourage board members to take immediate, effective protection. Regulators need to implement workable rules and guidelines to help this vitally important global industry defend itself properly.”
