Wednesday, August 16, 2017

Maersk Financial Results Reveal Costs of Cyber Security Lapse

But Freight Shipping Giant is Bouncing Back despite Heavy Hits
Shipping News Feature
DENMARK – As AP Moller-Maersk reports its financial results for the first half of the year, the Danish transportation and logistics conglomerate has revealed the extent of the damage caused by the massive cyber-attack in June that crippled several of Maersk's businesses and raised questions about the security in the container shipping industry and the wider supply chain. The second quarter performance of Maersk was mainly driven by the profitability of Maersk Line with an expected negative financial impact of $200-300 million to be realised in the third quarter results from the cyber-attack.

In the second quarter of 2017, the revenue of AP Moller-Maersk grew by 8.4% to $9.6 billion year on year, mainly due to higher freight rates in Maersk Line. The underlying profit in Q2 improved from $134 million to $389 million with Maersk Line contributing with an underlying profit of $327 million. As a result of post-tax impairments of $732 million related to Maersk Tankers and APM Terminals, the reported result was a loss of $264 million. CEO of AP Moller-Maersk, Søren Skou explained:

"Maersk Line is again profitable delivering in line with guidance, with revenue growing by $1 billion year-on-year in the second quarter. The profit was $490 million higher than the same quarter last year, based on higher rates.

"In the last week of the [second] quarter we were hit by a cyber-attack, which mainly impacted Maersk Line, APM Terminals and Damco. Business volumes were negatively affected for a couple of weeks in July and as a consequence, our Q3 results will be impacted. We expect the cyber-attack will impact results negatively by $200-300 million."

On Tuesday 27 June, AP Moller-Maersk was one of many global companies to be hit by a malware later known as NotPetya. The malware was distributed through a Ukrainian accounting software called MeDoc, used for filing tax returns in Ukraine. The MeDoc software contained backdoors into the networks of users of the software, which were used by the malware to enter via the software's automatic update system.

As soon as Maersk became aware that systems had been affected, action to respond was initiated including closing down infected networks. The malware was contained to only impact the container related businesses of AP Moller-Maersk, and therefore six out of nine businesses, including all Energy businesses, could uphold normal operations. Maersk also remained in full control of all vessels throughout the situation, and all employees were safe. For Maersk Line, APM Terminals and Damco, systems had to be shut down for a period for precautionary measures, as they have global interfaces across businesses and partners.

Maersk says that these system shutdowns resulted in significant business interruption during the shutdown period, with limited financial impact in the second, while the impact in Q3 is larger, due to temporary lost revenue in July.

While the businesses were significantly affected by this cyber-attack, no data breach or data loss to third-parties has occurred. The attack was contained on Wednesday 28 June and AP Moller-Maersk began implementing the technical recovery plan with key IT partners and global cyber security agencies. On Thursday 29 June, Maersk Line was able to accept bookings from customers with existing accounts. Maersk gradually progressed to more normalised operations for Maersk Line, Damco and APM Terminals during the week of 3 July to 9 July.

This cyber-attack was a previously unseen type of malware, and updates and patches applied to both the Windows systems and antivirus were not an effective protection in this case. In response to this new type of malware, Maersk says that it has put in place different and further protective measures and is continuing to review its systems to defend against attacks.