Container shipping company A.P. Moller-Maersk says a cyberattack that disrupted its operations will come with a hefty price tag of as much as $300 million in lost revenue.
The Danish conglomerate, known as the largest container ship and vessel operator in the world, announced the estimated losses in its second quarter financial report.
“In the last week of the [second] quarter we were hit by a cyber-attack, which mainly impacted Maersk Line, APM Terminals and Damco. Business volumes were negatively affected for a couple of weeks in July and as a consequence, our Q3 results will be impacted. We expect that the cyber-attack will impact results negatively by USD 200-300m,” said AP Moller-Maersk Group CEO Søren Skou.
The company was among the many corporations that were affected by the NotPetya ransomware outbreak earlier this year, which originated in Ukraine before rapidly spreading internationally.
After learning of the cyberattack on June 27, the company said it immediately worked to shut down infected networks to help contain the malware.
“The attack was contained on Wednesday 28 June and A.P. Moller – Maersk began implementing the technical recovery plan with key IT partners and global cyber security agencies. On Thursday 29 June, Maersk Line was able to accept bookings from customers with existing accounts,” the financial report read.
According to Maersk, the system shutdowns resulted in “significant business interruption,” with the majority of the financial impact expected to reflect in Q3.
Nonetheless, the company added that due to its precautionary measures, “no data breach or data loss to third-parties had occurred.”
Maersk also stated the company has put in place “different and further protective measures” to defend against such digital attacks.
A recent survey revealed that despite the global disruption caused by both the WannaCry and NotPetya attacks, 68% of information security professionals feel their organizations have not made the necessary security improvements to thwart future attacks.
Tim Erlin, VP of product management and strategy at Tripwire, feels organizations’ lacking response is dangerous considering the financial implications:
“If you were lucky enough not to have been directly affected by WannaCry or Petya, take it as an opportunity to get your cybersecurity house in order… All it takes is one data breach or another WannaCry and your company has lost data, money, credibility and most importantly, customer trust, which is one of the most difficult things to recover.”