A company that owns fleets of tankers including VLCCs, product tankers and others was hit by a cyber security breach that allowed hackers to gain access to the company’s computer systems.
BW Group told Riviera Maritime Media that the attack happened in July, making it the first shipping-related cyber security breach reported since the NotPetya virus took down the operations of container shipping giant Maersk in late June.
“We had an unauthorised access some time back in July and actions have been taken to rectify the matter,” a BW Group spokesperson confirmed to Riviera Maritime Media in an email exchange.
“Internal and external communications to customers and stakeholders were not impacted, and it was business as usual with some inconveniences … We worked around planned system downtimes as our IT department, with assistance of external consultants, reinforced our cyber security infrastructure.”
According to market intelligence analysts S&P Global, BW Group brought in KPMG’s cyber security consultancy to perform a forensic audit of their systems and the company is working with UK telecommunications giant BT and others to implement new cyber security products.
Cyber attacks against large organisations and businesses have made headlines in recent months after millions were lost in attacks from ransomware viruses such as the WannaCry ransomware and the NotPetya virus, which some researchers have argued was not designed to be used as ransomware.
BW Group has confirmed that the breach of its company’s computer systems did not involve ransomware.
Diane Jenkins, a risk management software consultant who helped to develop the first cyber insurance search engine discussed with Riviera Maritime Media the difficulties in determining the full costs of attacks like those that happened to Maersk. More than 90 days since that attack, she pointed out, Maersk still hadn’t tracked down some of its missing containers.
“How much business interruption loss are they going to face?” Ms Jenkins asked. “We just do not know yet.”
To this point, the NotPetya attack on Maersk is estimated to have cost the company up to US$300M. BW Group did not divulge any information regarding any loss of data or financial assets due to the unauthorised access to its company’s computers.