Container company APM did not have ICT security in order during NotPetya attack

Spread the love

APM, a subsidiary of container carrier Maersk, had inadequate ICT security and had been warned about this several times in previous years, according to research. APM was a victim of the worldwide attack with the NotPetya ransomware.

For years, APM is said to have struggled with security flaws. For example, one of the most important systems, the so-called Terminal Operating System, would not be equipped with antivirus software until 2015. Also, for some time there was no look at who had access to sensitive systems, and until two years ago no penetration tests were done to test the security of the network. This is reported by De Volkskrant based on its own research.

Even after that, things went wrong, according to the newspaper. The leadership of the Maersk subsidiary is said to have blocked improvements for ICT security several times because the renewal of the systems was accompanied by downtime. Despite explicit warnings, the leadership would not have wanted to change the policy.

APM was one of the victims of the worldwide NotPetya attack. The ransomware shut down the container company’s computer network, forcing administrative work to be done by hand, among other things. Business operations also came to a standstill for some time. APM has not yet responded to the reports of De Volkskrant.

You might also like
Exit mobile version