Shipping Giant COSCO Hit By Ransomware Attack

By   ISBuzz Team
Writer , Information Security Buzz | Jul 26, 2018 07:30 am PST

A ransomware infection has crippled the US network of one of the world’s largest shipping giants —COSCO (China Ocean Shipping Company). IT security experts commented below.

Javvad Malik,  Security Advocate at AlienVault:

javvad malik“Ransomware continues to wreak havoc within companies. It’s unclear whether this was a targeted or casual attack, but employees should be trained to be able to recognise suspicious emails and not click on links; or have an easy-to-escalate route where they are unsure as to whether an email is malicious or not.

Similarly, it’s important to have good threat detection and response controls in place so that any attack can be dealt with swiftly.COSCO was wise to segregate the infected network from the rest of the networks in order to prevent further spread.

It’s important for companies to have a recovery and response plan prepared in advance so that business functions can be resumed quickly.”

Andy Norton, Director of Threat Intelligence at Lastline:

andy norton“The costs from a loss of operational capability to Maritime organisations has been shown to run into the hundreds of millions of dollars in a matter of days. Ransomware with worm like features have demonstrated a vulnerability in many sectors of business. Perhaps it is a business necessity that shipping organisations  have a relatively open network, that would allow the fast propagation of a worm. If this is the case the dynamic analysis of objects entering the environment would highlight the malicious propagation behaviours and offer risk mitigation against this type of attack.”