World's Biggest Container Shipping Line Operating Close to
Normal After Cyberattack
July 5, 2017
A global Danish transport and logistics company says it has
restored most of its information technology systems after
experiencing a major cyberattack last week that affected
companies and government agencies in more than 60 countries.
A.P. Moller-Maersk says it resumed container deliveries at its
major ports Monday, but said it may take another week to restore
all computer functions.
The cyberattack that hit the world's biggest container shipping
line also affected U.S. pharmaceutical company Merck, FedEx
subsidiary TNT, London based international law firm DLA Piper,
and Kyiv's Oschadbank,
Ukrainian authorities have blamed Russia for masterminding the
attack. Russia denies the charge.
Ukraine has repeatedly come under fire from high-powered
cyberattacks tied to Moscow, but several independent experts say
it is too early, based on what is publicly known, to come to a
firm conclusion about who is responsible for this attack.
The hackers encrypted data on infected machines and demanded a
ransom to give it back to its owner. Some researchers question
the motivation behind the attack, saying it may not have been
designed to collect a ransom, but instead to simply destroy
Russian anti-virus firm Kaspersky Lab says the code used in the
hacking software would not have allowed its authors to decrypt
the stolen data even after a ransom had been paid.
The computer virus used in the attack includes code known as
"Eternal Blue", a tool developed by the U.S. National Security
Agency that exploited Microsoft's Windows operating system, and
which was published on the internet in April by a group called
Shadowbrokers. Microsoft released a patch in March to protect
systems from that vulnerability.
attack bore resemblance to the previous "WannaCry" hack, that
sent a wave of crippling ransomware to hospitals across Britain
in May, causing the hospitals to divert ambulances and cancel
surgeries. The program demanded a ransom to unlock access to
files stored on infected machines.
Researchers eventually found a way to thwart the hack, but only
after about 300 people had paid the ransom.
Last week, Tim Rawlins, the director of the Britain-based
cybersecurity consulting firm NCC Group, told VOA the attacks
continue to happen because people have not been keeping up with
effectively patching their computers.
"This is a repeat WannaCry type of outbreak and it really comes
down to the fact that people are not focusing on what they
should be focusing on, the very simple premise of patching your
systems," Rawlins said.