The Trojan malware called NotPetya was programmed to delete files on infected computers.
The cyber attacks created by hackers to infect company computer systems have claimed another victim, with A.P. Moller-Maersk Group only avoiding losses of hundreds-of-millions of pounds thanks to the success of other arms of its business. The Danish shipping giant could have lost as much as £235m ($300m) after it suffered a malware cyber attack in June, the company has said, had it not been for continued recovery in the container market. The predicted financial loss was felt after the company was exposed to a virus that was believed to have been hidden inside an accounting software package originating from Ukraine.
“In the last week of the quarter we were hit by a cyber attack, which mainly impacted Maersk Line, APM Terminals and Damco,” said Søren Skou, CEO of A.P. Moller-Maersk. “Business volumes were negatively affected for a couple of weeks in July and as a consequence, our Q3 results will be impacted. We expect the cyber-attack will impact results negatively by $200-300m.”
Revealed this month in A.P. Moller-Maersk Group Q2 Interim Report, as soon as the company became aware that systems had been affected a response was put into place that included shutting down infected networks. Despite being impacted by the security breaches, six of A.P. Moller-Maersk’s businesses, including all its energy businesses, were able to continue normal operations.
Allegedly hidden within Ukranian accounting software programme, MeDoc, the Trojan malware called NotPetya was programmed to delete files on infected computers. However, MeDoc has strenuously denied the accusation, writing on its Facebook page that it couldn’t have been responsible for the attack.
Security company Eset, which develops anti-virus products designed for use in both homes and businesses, reported that MeDoc published a warning on its website in an attempt to prevent other users from also becoming infected.
Those users who have been infected are faced with a message in red text on a black background asking for money payment before encrypted files are decrypted. “Ooops, you important files are encrypted. If you see this text, then your files are no longer accessible, because they have been encrypted … We guarantee that you can recover all your files safely and easily. All you need to do is submit the payment [$300 bitcoins] and purchase the decryption key.”
To lower the chances of such an attack happening again, A.P. Moller-Maersk wrote in a report released in response to the attack that it had put in place “different and further protective measures and is continuing to review its systems to defend against attacks”.
You may also be interested in these stories from Transport Security World...