A.P. Moller-Maersk Group, also known as Maersk, is one of the biggest shipping companies in the world. This past week they were attacked with a ransomware known as Petya, which uses the same exploits that the WannaCry attacks used. This serves as a great reminder to all that cyber attacks can strike anywhere, and if you’re not prepared, you could be hit next.
Guess some people never learn. Though Microsoft released patches for the NSA vulnerabilities back in March, some companies have procrastinated the updates. Unfortunately, cyber security always has a deadline, and for Maersk, a Danish shipping and logistics company, that deadline passed two days ago when they were hit with a new ransomware attack, called Petya.
The recent WannaCry ransomware attacks cost an average of $4 billion in losses. Millions of people were affected, the biggest names being Fed-Ex, and a string of UK hospitals. The leaked exploits had patches available before any of these attacks occurred, but not many updated in time. After causing some major publicity, the ransomware spread was stopped. Many updated their Windows operating systems to avoid future cyber attacks.
Except Maersk didn’t update, and although they were attacked by the same ransomware that affected so many others this past May, the results were the same. See, Petya and WannaCry both exploited a vulnerability in Microsoft’s Server Message Block (SMB), dubbed EternalBlue by the NSA. The security patches weren’t specific to the malware, rather to the exploit.
This isn’t the first time Maersk has been attacked. A popular movie, Captain Phillips, illustrates the true story of the Maersk Alabama, an oil tanker that was hijacked by pirates in 2009. Though not ransomware, the company’s luck doesn’t seem to be very good when it comes to criminal activity.
Since Maersk didn’t update their operating systems to include the key security patches, they were attacked by the ransomware. In a Reuters interview with Vincent Clerc, the CCO or Chief Commercial Officer, it was discovered that almost all orders were affected. Not only that, but they weren’t able to process any new orders. Maersk is one of the bigger corporations in the world, currently ranked 558th biggest by Forbes. Their annual revenue is almost $50 billion, which translates to almost $137 million per day. Being down for more than two days means that they potentially lost an estimated $300 million.
Maersk later reported their systems to be back online, and that business could continue as usual by July 3. You can view the press release on their website. However, the total amount of losses is not yet known. They reported many delays and potential losses to be avoidable as far as current shipping goes, but for the time period that they were without computer systems, they could have lost hundreds of millions of dollars.
Microsoft released critical security patches for multiple operating systems, including the non-supported Windows XP, and Windows Server 2003. Whatever system Maersk uses, there has been a security patch available to them since late March. The updates are free, but now they are going to cost them hundreds of millions of dollars.
It’s interesting to note that the Petya ransomware charges by default $300 for the un-encryption key the victim needs to recover their files. The hackers only receive a tiny percentage of the actual cost to the company. For those who have yet to update their systems with the necessary patches, remember that it could cost you a lot more than just a Bitcoin or two. And for those who don’t yet have cyber security for their company, note that a cyber attack could happen to anyone. Make sure all your bases are covered with a tool like Nessus Vulnerability Scan. Scan your website today to make sure you are safe.