MSC confirms malware attack

Business & Finance

April 16, 2020, by Jasmina Ovcina Mandra

Mediterranean Shipping Company (MSC) has confirmed that some of its digital tools and its website were down due to a malware attack.

The network outage which was affecting the company’s data centers in Geneva from Friday, April 10, was resolved yesterday.

The outage was impacting the company’s digital booking tool myMSC, and the company’s agents around the globe took over via more traditional means to make sure the uninterrupted flow of cargo continued.

“After a thorough investigation, we confirmed that it was confined to a limited number of physical computer systems in Geneva only and we determined that it was a malware attack based on an engineered targeted vulnerability,” the company said in a statement.

“We have shared as per industry standards the malware with our technology partners so that mitigations could be made available not only to us. “

The Geneva-based container shipping major explained that the attack had a limited impact on its operations and that its cargo operations continued as normal.

The world’s second-largest container shipping company added that the incident posed no threat to parties engaging in business with the company and that it was not aware of any data being lost or compromised.

Commenting on the time it took the company to address the issue, MSC said the timing of the incident in the midst of the COVID-19 pandemic when the majority of people are working from home combined with the Easter holiday posed some challenges.

“We resolved this quickly, but we intentionally did not rush things. It was very important to us to ensure that we had a validated solution in place and to cover off all necessary checks and testing before making the website live again and that this would not pose any risk, even if unlikely, to any of our customers or partners,” the statement reads.

MSC added that it took the threat of cyber-security in the shipping industry very seriously and adopted all necessary security protocols in its communications and business transactions in addition to regular cyber-security training for employees.

“While we consider this incident to be resolved, we are not complacent and we remain focused and cautious in our approach to information technology. MSC remains committed to minimising the risk of systems failure and protecting our business from cyber-security threats,” MSC concluded.