Hits Pipavav Port, JNPT
Maersk terminals at ports disrupted
NEW DELHI: Operations at one of three terminals at India’s largest container port, Jawaharlal Nehru Port Trust (JNPT) run by AP Moller-Maersk, near Mumbai, were disrupted by the global ransomware attack, the port said on Wednesday. The version that caused the disruption has been dubbed GoldenEye by security firm Bitdefender Labs.
Operations at the Danish firm’s terminal at Gujarat Pipavav Port were also affected, but by the Petya variant of ransomware.
Ransomware logs users out of their own systems and asks them to pay a ransom if they want to access the encrypted data.
“The central server is in Europe which we can’t control. It is not a problem aimed at India... we have become collateral damage,” said a senior Indian government official involved in cyber security operations.
The ransomware hit the integrated transport and logistics firm’s global operations on Tuesday across its 75 terminals. It also impacted Chernobyl’s radiation monitoring system, law firm DLA Piper, pharma company Merck, a number of banks, an airport, the Kiev metro, UK ad giant WPP and Russian oil firm Rosneft, according to Bitdefender Labs.
“The IT (information technology) department of JNPT became aware of the attack at around 4.30 pm on Tuesday. The Windows server started conking off and the master file got encrypted and we couldn’t access any data. The operations immediately came to a standstill,” said a JNPT official requesting anonymity.
AP Moller-Maersk operates the Gateway Terminals India (GTI) at JNPT which has a capacity to handle 1.8 million standard container units. JNPT, which ships more than half the containerised cargo passing through India’s ports, serves a vast hinterland comprising all of northern and western India.
“While the DP World and JNPT terminals are operational, the Gateway Terminals India operated by APM is shut down,” said the JNPT official.
This is the second major ransomware attack since May after hackers exploited a loophole that was first identified by the US National Security Agency, to create WannaCry, that hit businesses in over 150 countries, including India. The ministry of corporate affairs and the Andhra Pradesh Police were hit, besides several large organisations..
“While the terminal operator is taking steps to address the issues disrupting the operations, it is anticipated that there could be bunching of in-bound and outbound container cargo,” the shipping ministry said in a statement.
Maersk group, via its terminal and infrastructure business, has invested $800 million in India.
“The global attack has impacted APM terminal of the JNPT port. The operations at the terminal have slowed down and are being entered manually. We are trying to handle the crisis by diverting traffic to other terminals,” JNPT chairman Anil Diggikar said, adding that JNPT’s operations have not been affected to a great extent. He said it would take 24 hours to clear the backlog.
Gujarat Pipavav Port told stock exchanges that the ransomware did not have “any major impact on the company at this point in time.”
Ravi Shankar Prasad, minister of electronics and information technology, on Wednesday said that advisories have been issued and the government is keeping a close watch on developments.
Experts believe India is illequipped to face such attacks.
“Transportation and shipping companies are ill-prepared for cyber attacks,” added Amit Jaju, executive director, fraud investigation and dispute services, EY. “Indian companies lose approximately ₹40,000 crore due to cybercrime every year.”