Recovery from cyber attack ‘long and complicated’, Maersk admits


Maersk said the recovery of its IT infrastructure is “progressing well” following last week’s cyber attack, with key applications relaunching today, but a full recovery would be “long and complicated”.

Operationally, Maersk Line and Maersk’s APMT terminal operations are mostly up and running, with only one port unable to export – at Rotterdam’s Maasvlakte II, where gates were expected to open today for exports.   

“We also see in all markets – except one – that our intermodal deliveries are functioning, and we have seen good improvements in our deliveries in, for example, the UK and India,” Maersk said last night. “We have experienced some challenges on import documentation and are extremely grateful for our customers’ and partners’ understanding in this, and look very much forward to, Monday, again having full access to the data that enables us to serve our customers well in this area.”

In terms of its capabilities to accept new bookings, Maersk said: “We remain open for business and are accepting bookings both via INTTRA, online forms, and through EDI. We are preparing for a strong week and expect to open up for more channels, enabling you to book on your preferred method of transaction.”

But in a note to customers this morning, Maersk acknowledged that it still faced significant challenges and backlogs in processing bookings and in making a full IT recovery.

Having “never experienced anything like this”, Maersk said it had “achieved a milestone in the journey to be back fully online. Today we can finally reopen our key applications.”

Maersk continued: “Our plan is being followed diligently and we continue with perseverance. The IT infrastructure restoration teams have been working intensively and we now have most of our main applications up and running. As promised, today we are online.

“However, we need to acknowledge that the journey to recover from such a cyber attack is long and complicated. Our overriding goal is to get back to an absolutely safe operation. To successfully serve our global customers, we run 1,500 applications which need to be brought up one by one in the correct sequence and enable 49,000 end users across 500 locations.

“This all takes time, but we continue to work through it with perseverance and absolute commitment.”

Maersk ask customers for their continued patience, acknowledging that it “will not be able to offer you the same instant guidance and support you are used to as our teams are getting access to the applications in a phased approach”, adding: “In the coming days, our focus remains on getting back to being fully operational across the business with the expectation to have all applications and users fully functional to serve you within a week. We will also diligently work through the six days of backlog which needs to be cleared in order to give you the full transparency you expect.”

As reported in Lloyd’s Loading List, the world’s largest container shipping group Maersk was hit on 27 June by the ‘Petya’ major cyber attack that has affected a number of major companies around the world, bringing down and causing Maersk to close down IT systems across multiple sites and business units. The cyber attack has also had some impact on DHL Express in Ukraine and also on TNT operations globally.