14% of APM Terminals temporarily shut down by computer attack

Of 78 port facilities globally operated by Maersk sister company APM Terminals, 11 had received no ships in the 48 hours following the attack, reports Splash, citing data provided by CargoSmart. It should be noted that two of these ports – Barcelona and Algeciras – were also suffering from the Spanish stevedore strikes. APM Terminals has said since that most of its terminals were now operating, but not all of them at normal speed. A Maersk release yesterday afternoon listed 14 ports operating only manually on the marine side, with seven ports closed to either loading or discharge or both. Two ports had an “unknown” status.

The most impacted ports appeared to be Apapa (Africa), APMT Rotterdam (Europe), Gothenburg (Europe), Maasvlakte II (Europe), Callao (Latin America) and Los Angeles (North America). CargoSmart data indicated that nearly three-quarters of Maersk vessels were running normally at a speed of more than five knots. Maersk has said Wednesday night that it was taking bookings via electronic transaction platform INTTRA, from New Jersey-based Inttra Inc. By yesterday afternoon Maersk had opened secure links for new cargo bookings, using EDI (“will be held and batch confirmed early next week”) and via a simplified online booking form. However, Maersk said that “we have some limitations … for some dangerous goods categories”. Maersk Tankers was trialling Google Earth to show vessel positioning.

Maersk Australia and NZ managing director Gerard Morrison told Splash that the unit’s phone and email systems had been deliberately shut down to stop further spreading of the virus. He said that NZ staff had kept the system going manually so that it could tell the Ports of Auckland and Tauranga what to do with the cargo sitting on ships waiting to be offloaded.

Meanwhile in India, VPT deputy chairman PL Haranadh said that “as VCTPL is expecting one of the largest vessels by Maersk Liner on Thursday morning, we have decided to dispense with electronic handling to avoid spread of the virus”. With 80% of the victims of what is usually being called a Petya malware variant (but which could actually be a “new” species, hence the “NotPetya” assignation by some) being in Ukraine, and the worrying fact that the virus appears to be as much a “wiper” as it is ransomware (it destroys data either as well as or instead of encryption) the suspected motive for the attack is shifting back to the political, with non-Ukrainian companies being “collateral damage”. https://visibility.cargosmart.com/vesseltrack/ http://www.maersk.com/en/operationalupdate