Several Greek shipping companies have been hacked
According to Greek news outlet Mononews, multiple Greek shipping companies have been affected by a ransomware attack that propagated through the networks of a well-known IT consulting firm.
The attack was made through the companies' IT service provider, Danaos Management Consultants, who verified the attack. According to the company, the ransomware attack did not affect Danaos' own shipping operations, and only about 10% of its external clients' files were encrypted.
Danaos has hired an independent cybersecurity firm to look into the situation and figure out how the ransomware got into its customer-facing systems. Meanwhile, the organization is assisting clients who are attempting to recover their systems.
Since 1986, Danaos Management Consultants has provided IT solutions to the Greek maritime industry.
Danaos Management developed ship management software, including chartering, payroll, crewing, AI analytics, ISM, document management, and procurement applications.
The attack demonstrates the reality of the cyber domain for shipowners and ship operators.
The maritime sector's preparedness to deal with a cyber-attack in all its forms is relatively low.
In 2017, the disastrous NotPetya cyber attack on Maersk's IT servers via a vendor software upgrade. According to Maersk chief information officer Adam Banks, the attack resulted in "100% destruction of anything based on Microsoft that was tied to the network," including 49,000 laptops and 3,500 servers. The ensuing business disruption cost the world's largest ocean carrier $350 million in lost revenue.
Since then the maritime industry suffered from hundreds of cyber-attacks. It is estimated the during 2020 more than 500 cyber attacks were carried out against the maritime industry, an industry with relatively poor preparedness and cyber resilience.