The shipping company has revealed that the cyber attack has cost $300 million in lost revenue.
Maersk CEO Soren Skou said “In the last week of the 2nd quarter we were hit by a cyber-attack, which mainly impacted Maersk Line, APM Terminals and Damco. Business volumes were negatively affected for a couple of weeks in July and as a consequence, our Q3 results will be impacted. We expect that the cyber-attack will impact results negatively by USD 200-300m.”
The announcement that Maersk had been hit by an attack, named NotPatya, came towards the end of June. The attack meant that workers were not able to access any systems unless they paid 300 million in bitcoin, and took two weeks to fix, in which time affected terminals could not move any cargo.
According to their interim report, as soon as A.P. Moller – Maersk became aware that systems had been affected, action to respond was initiated including closing down infected networks. The malware was contained to only impact the container related businesses of A.P. Moller – Maersk, and therefore six out of nine businesses, including all Energy businesses, could uphold normal operations. A.P. Moller – Maersk also remained in full control of all vessels throughout the situation, and all employees were safe. For Maersk Line, APM Terminals and Damco, systems had to be shut down for a period for precautionary measures, as they have global interfaces across businesses and partners.
These system shutdowns resulted in significant business interruption during the shutdown period, with limited financial impact in Q2, while the impact in Q3 is larger, due to temporary lost revenue in July. While the businesses were significantly affected by this cyber-attack, no data breach or data loss to third-parties has occurred.
The attack was contained on Wednesday 28 June and so began the technical recovery plan with key IT partners and global cyber security agencies. On Thursday 29 June, Maersk Line was able to accept bookings from customers with existing accounts and gradually progressed to more normalised operations for Maersk Line, Damco and APM Terminals during the week of 3 July to 9 July.
The report continued saying that this cyber-attack was a previously unseen type of malware, and updates and patches applied to both the Windows systems and antivirus were not an effective protection in this case. In response to this new type of malware, different and further protective measures have been put in place.
However, the attack doesn’t seem to have had a negative affect on overall profit predictions. According to Skou “Maersk Line is again profitable delivering in line with guidance, with revenue growing by USD 1bn year-on-year in the second quarter. The profit was USD 490m higher than the same quarter last year, based on higher rates,”