COSCO suffers ransomware attack

Share this…

Networks in 8 countries in North and South America remain offline

A “local network collapse”, allegedly caused by a ransomware infection, has led China Ocean Shipping Company (COSCO) to shut down all of its American office networks, including the one in the United States, while its system are restored, according to reports of specialists in enterprise data protection services from the International Institute of Cyber Security.

“For safety precautions, we have closed connections with other regions for further research”, the company mentioned in a statement. “So far, all ships in our company are operating normally, and our main trading systems are operating stably”.

COSCO has offices in 27 countries in North and South America, but not all have been affected. According to enterprise data protection services expert reports, the areas affected by network failures include the United States, Canada, Panama, Argentina, Brazil, Peru, Chile and Uruguay.

COSCO’s Canadian website, for example, shows an error message that says: “We are sorry to inform you that our network and our local systems in Canada are not available, as well as some email accounts”.

Ransomware infection reports

Multiple maritime media outlets, including Lloyd’s List, mention that domestic emails from COSCO reported that the company’s network outage was due to an outbreak of ransomware.

COSCO has not responded to questions about which variant of the ransomware attack may have been responsible for the failure, how many systems have been affected, or whether it has received rescue messages from hackers.

The affected offices of COSCO, including those of the US, have been disabled to use the company’s corporate email or telephone systems.

“Due to the failure of the local network in our region of America, local mail and the network phone do not work properly at this time. For safety precautions, we have closed connections with other regions for future research”, the company mentions in subsequent safety warnings.

The ransomware outbreak occurs shortly after COSCO took control of Orient Overseas Container Lines, one of its Asian rivals, which also gave it a large container facility in the port of Long Beach, California.

Last year, the largest shipping company in the world, Maersk, was the victim of ransomware NotPetya in late June, forcing the boats to redirect and leaving the company unable to dock or unload cargo ships in dozens of ports.

The Danish shipping company estimated that it would suffer up to 300M USD in losses due to the outbreak of ransomware.

Over the past few months, experts in enterprise data protection services say that many hackers have left using encryption malware attacks to attack with malware designed to infect systems and extract several cryptocurrency. But while these cryptojacking attacks are on the rise, many hacker organizations continue to deploy ransomware campaigns.