Logistics service returns after two days work to rectify system
Container logistics platform Containerchain has returned to normal operations following a ransomware attack, though users will need to change their login and password details.
Freight transport entities are the targets of a spate of cyber-attacks that have claimed freight transport providers regardless of mode, with Toll the most high-profile Australian target but even this month, containership operator CMA CGM has been the subject of a ransomware attack.
In this latest incident, the Containerchain system was down from around midnight of Friday after the attack was detected.
“We swiftly detected a ransomware cyberattack shortly before midnight and immediately implemented our emergency response procedures, while isolating the relevant platform servers,” system users were informed just before 3pm on Saturday.
“Given the regular 15-minute backups and time of night, we anticipate no or very limited data loss upon recovery.
“We are working to return the system to customer production as quickly as possible and expect access to be restored no later than start of business Monday morning.
“We trust that shipping lines, seaport terminal operators and road transporters enact immediate contingency arrangements and that leniency is provided in terms of late container de-hire events as a direct result of this incident.”
By 3am today, the platform advises, it has got on top of the threat.
“The Containerchain team has worked continuously since detecting the cyberattack just before Friday midnight AEDT and the system has been successfully restored with all applications secured and online.
“Due to the very low transaction volumes at the time of the attack, minimal, if any data loss is likely to be experienced for AU, NZ, SG and MY customers.”
It advises users of the various functions to they must change their password on initial login.
In an emailed response to ATN, Containerchain parent company WiseTech Global made the following comments:
“Containerchain experienced a cyberattack shortly before 12:00am AEDT on Friday, 16 October 2020.
“The company detected the incident and implemented its emergency response procedures, including isolating the relevant platform servers.
“The team worked continuously since the incident to ensure the cyberattack was fully addressed.
“The system was successfully secured and restored at 3am AEDT on Monday, 19 October 2020, allowing for business to return in the Asia Pacific region from business commencement Monday.
“Given the near midnight AEDT time of the incident, the rapid response and frequent standard backups, minimal if any data loss is likely to be experienced.
“No CargoWise One, CargoWise Cloud or other WiseTech Global Group platforms are impacted.”
While not new to the broad transport and logistics sector, cybercrime has gone to another level since the Covid-19 crisis began.
In May, email and data security company Mimecast reported transportation, storage and delivery is “the third-most attacked industry globally by cyber criminals since the emergence of the virus, behind the retail and manufacturing industries”.