UN Shipping Agency Forced Offline After Cyber-Attack
October 7, 2020 MARITIME CYBER SECURITY
The United Nations agency for international shipping came under cyber-attack at the end of last week, forcing a number of services offline, it has emerged.
Headquartered in London, the International Maritime Organization (IMO) is responsible for the regulation, safety and security of global shipping.
However, it revealed in a tweet last Wednesday that its website was “undergoing some technical issues.” It admitted a day later that these had actually been caused by malicious actors.
In a longer announcement on Friday recapping the incident, the IMO said its Global Integrated Shipping Information Systems (GISIS) database, document repository IMODOCS, and its Virtual Publications service had been affected by the attack but were now restored.
However, at the time of writing, Virtual Publications appeared to still be offline.
The IMO said restoration of the other unnamed services affected by the attack would take place “as soon as possible and as safe as possible.”
“The interruption of web-based services was caused by a sophisticated cyber-attack against the organization’s IT systems that overcame robust security measures in place. IMO has ISO/IEC 27001:2013 certification for its information security management system. IMO was the first UN organization to get this certification in 2015,” the IMO explained.
“The IMO headquarters file servers are located in the UK, with extensive backup systems in Geneva. The backup and restore system is regularly tested. Following the attack the secretariat shut down key systems to prevent further damage from the attack.”
The organization’s email and virtual meeting platforms were unaffected by the incident, it added.
The incident sounds like a ransomware attack: just last week it was revealed that French shipping giant CMA CGM suffered such an outage after a breach at its Chinese offices impacted the availability of some servers and applications.
Source: infosecurity