COSCO – Cyber-Attack on US Operations

Posted on Jul 30

COSCO advises on their website that network applications in the Americas have been restored and all communication channels are open again.For more details please visit COSCO’s main website where an updated statement has been posted.
July 27, 2017The recent cyber-attack against COSCO’s US operation also affects systems in other countries of the Americas Region.COSCO issued a Q&A paper at that provides information on system status and operational issues.Vessel operation is not affected.
July 26, 2017Some media outlets report that the effects of the cyber-attack against COSCO’s US Operation has spread to other countries in the Americas region, including Canada, Panama and Brazil.Meanwhile COSCO released the following statement on their website today:After the network security problem in the Americas has been detected, to protect the interests of our customers, we have taken proactive measures to isolate internal networks to carry out technical inspections on global scale. With the reliable confirmation from the technical experts that the networks in all other regions are secure, the network applications were recovered at 16:00 (Beijing Time) on 25th July in all the regions except the Americas. As of now, all the business operations have been back to normal in the regions with network recovered.
Meanwhile, we are trying best to investigate and fix the network problem in the Americas, and it is expected that the network applications will be gradually back to normal soon. We have started contingency plans, such as transfer of operations and conducting operation via remote access, to ensure continuous service in the Americas. During the network failure period, there could be delays in service response in the Americas, and we are expecting your kind understanding.
It is our core value to protect customers’ interests and guarantee network security. Therefore, all the service and communication channels we are now providing are safe and secure. Please rest assured it is safe to keep contact with us via our website, emails, EDI or CargoSmart.
Greatly appreciate your support. We will keep you updated of the latest progress.
Jul 26th, 2018We will continue to provide updates on this issue as they become available to us.
July 25, 2018 (Update)With communication mainly done via e-mail, terminals in the US are processing documentation for COSCO vessels much slower than usual, but seem to get everything settled to keep freight and vessels moving.COSCO states that its vessels are operating mostly on normal schedules and that the main operating systems are stable.Ports in the US and Canada do not report major issues with the handling of COSCO vessels at this point.A concern is that the malware used in the attack might spread to port networks, so the additional security measure taken by the ports also add to the documentation processing time.
July 25, 2018Cosco Shipping’s US operations advises that it was the target of a cyber-attack on Tuesday that impacted the carrier’s ability to communicate with its vessels, customers, vendors, and marine terminals.Apparently Cosco’s operations outside the US have not been affected, so internal communication with US offices is able to take place, but at a slower pace than usual via phone and hard-copy transmissions.Cosco has not yet advised when the US offices will be back online.Customers in the US can either contact the US offices by phone or through their foreign origin offices, a list of the worldwide offices can be found on COSCO’s corporate website.We will monitor the development and advise updates when they become available.