Cyberattack Hits Multiple Greek Shipping Firms

Port of Piraeus, the center of Greek shipping (File image courtesy Jeffrey / CC BY ND 2.0)

Published Nov 3, 2021 7:50 PM by The Maritime Executive

Multiple Greek shipping companies have been hit by a ransomware attack that spread through the systems of a popular, well-established IT consulting firm, according to Greek outlet Mononews. 

Danaos Management Consultants, the IT service provider whose services were affected by the hack, confirmed the incident and. The company said that Danaos' own shipping operations have not been hit, and that fewer than 10 percent of its external customers had their files encrypted by the ransomware attack. 

An independent cybersecurity company has been contracted to investigate the incident and determine how the ransomware got inside Danaos' customer-facing systems. Meanwhile, the firm is helping affected clients as they try to restore their systems.

Danaos Management Consultants has been offering IT solutions for the maritime industry since 1986, making it one of the oldest firms in the business. It builds software tools for shipmanagement, including applications for chartering, payroll, crewing, AI analytics, ISM, document management and procurement.

"A cyber-attack incident cannot spoil the image we have created for 36 years," CEO Dimitris Theodosiou told Mononews. 

A cybersecurity expert contacted by TME suggested that the attack shows the reality of IT supply chain risk for shipowners and shipmanagers. Most maritime IT professionals are aware of the risks created by third-party remote maintenance for the operational technology (OT) on board their ships; fewer, however, are concerned about how vulnerable their shoreside enterprise systems might be to an attack that arrives through a vendor's software.

"The preparedness to deal with a supply chain attack is very low across the [maritime] sector," the cyber expert said. "While some of the companies [that we have surveyed] ran cyber drills to prepare for incident readiness and resilience, none of them involved their suppliers in those drills." 

A vendor software update was the vehicle that carried the devastating NotPetya malware virus into Maersk's IT servers in 2017. That attack resulted in "100 percent destruction of anything based on Microsoft that was attached to the network," including 49,000 laptops and 3,500 servers, according to Maersk chief information officer Adam Banks. The resulting business disruption cost the world's biggest ocean carrier about $350 million in economic losses.
