Threat Watch

One of the World’s Largest Shipping Companies Hit by Suspected Cyber-Attack

Late last week, the servers at the headquarters for the Mediterranean Shipping Company (MSC) in Geneva, Switzerland had to be taken offline and still remain offline. According to a company spokesman, the outage is currently only impacting internal processes to the headquarters, and the “myMSC” portal, which is utilized by clients to schedule and track their shipments. While they have not stated exactly what is causing their network issues, they stated that they are not ruling out a cyber-attack and that servers were taken offline for “security reasons.” Luckily the outage does not appear to be impacting supply chain operations as MSC has multiple redundancies in place for supporting their customers around the world, including the “INTTRA” and “GT Nexus” systems to book shipments. Customers can also contact MSC directly through phone calls and emails to conduct business.

ANALYST NOTES

At this time, the incident involving MSC appears to have been a best-case scenario, assuming malware or other malicious activity is responsible. In the event of a security incident being able to segregate affected systems and fall back on multiple redundancies to continue operations can be the critical difference in how an organization is able to recover. With business operations around the entire world being impacted by the COVID-19 pandemic, degradation in service by one of the largest shipping companies in the world could be catastrophic. Early detection of unauthorized or malicious activity by skilled security analysts using Endpoint Detection and Response (EDR) software gives companies the ability to stop intrusions early and minimize the damage done in a situation like this. Planning and preparation for potential cyber-incidents can also greatly impact a company’s ability to act quickly and recover before irreversible damage is done. Binary Defense’s Security Operations Center and Managed Detection and Response (MDR) solutions can assist in the early detection of malicious activity on endpoints before there is an opportunity for movement throughout a company’s network. Our sister company, TrustedSec, provides training and preparation services which can assist organizations in the creation of policies and procedures to ensure that the company’s ability to respond and recover from threats is swift. More information on this incident can be found at https://www.infosecurity-magazine.com/news/msc-suffers-suspected-cyberattack/