US Network of COSCO was Hit by a Ransomware Attack

One of the largest shipping giant of world falls prey to a ransomware attack, when its American network was taken down, which might lead to millions of dollars of overhead cost. The ransomware attack was against COSCO (China Ocean Shipping Company).

In a similar incident, Maersk, a much larger shipping company and a rival of COSCO, suffered huge losses through a ransomware attack called NotPetya. The attack was so strong that it impacted all its operations on August 2017. The ransomware attack resulted in huge financial loss to the company, which came out to be a whopping amount of 200 million dollars to 300 million dollars.

Being a much smaller company as compared to Maersk, COSCO supposedly would be suffering huge losses due to the operational infrastructure loss. For its US network outage, COSCO blamed it on the 'local network failure'.

COSCO, in its press release stated that "due to local network breakdown within our America regions, local email and network telephone cannot work properly at the moment". It further said that in order to maintain safety measures and for further investigations, the company has shut down its connections with the other regions for now.

However, Bleeping Computer quoted that within the company's internal emails that were seen by various maritime news sites, COSCO has referred the attack as ransomware infection.

Though COSCO has not responded to Bleeping Computer on this, but it has already warned all its employees to not open any suspicious emails, and ask to use antivirus software to clean its internal networks from time to time.

The attack happened on July 24, and it impacted the company's IT infrastructure of American Region, including telephone network and email servers. US website of the company has also gone offline due to this attack. The US employees of the company are using public email accounts of Yahoo for replying to the customer queries reported through social media.

AlienVault security advocate, Javvad Malik, said "it's important to have good threat detection and response controls in place so that any attack can be dealt with swiftly." He further added that COSCO was wise enough to segregate its infected network from their other networks, so that they can prevent the attack from spreading further.

» SPAMfighter News - 8/6/2018