Rotterdam port arms itself against a new cyber attack
The cyber attack on container terminals in the port of Rotterdam last June was a very costly warning and had a big impact on the port. For the coming year everything will be done to avoid repetition, said harbor master René de Vries yesterday in his review of 2017.
“If someone had said a year ago that a hack could have so much influence, I would not have believed it. What happened in June was beyond my imagination. It gave a lot of information to think about “, said the harbor master who is responsible for the safety of shipping traffic in the port. Just now that he can finally report that there are fewer and fewer collisions and ‘parking damages’, threats of a more modern nature come into play.
In June last year, criminals launched a global cyber attack with so-called ransomware (Not¬Petya) that hijacked computers. It stunned many companies, but at no container company the damage was as big as at the container company APM, a daughter of shipping giant Maersk. Not one but two Rotterdam terminals were affected by the hostage virus.
Not the whole port was flat, but the chaos was bigger than expected, with unemployed cranes and trucks that couldn’t do anything. It took weeks before the APM systems could run again and ships could be unloaded and loaded. Ships sailed to another port in the intervening time. Maersk does not make announcements about the damage suffered, but the estimates are in the hundreds of millions of euros.
De Vries previously warned here and there about possible attacks on computers, but it was still a far-off-my-bed show for many companies. Warnings to regularly renew passwords, for example, were often audibly heard, but without many people being worried about this. “Now everyone is awake and companies come to us with questions.”
Since then, the necessary changes have taken place. For example, De Vries was appointed Port Cyber Resilience Officer by Mayor Aboutaleb, with whom he became the point of contact in the port for cyber attacks. Although the security of computer systems is the responsibility of the individual companies in the port, the interdependence is too great to let this go its own way.
For example, there is now a six-week Port Cyber Café where companies exchange knowledge about safety. Much more compelling is the obligation for port companies to report disruptions of computer systems above a certain level at De Vries from the beginning of this year. There is regular practice with emergencies where a system is supposedly flat. “We want to know what to do next,” says De Vries, who can not guarantee that it will not happen again. However radical the consequences of the cyber attack were, it can not be seen in the annual figures. Rotterdam received about six hundred seagoing vessels more in 2017 than in the previous year.
The total number of nearly thirty thousand ships is slightly below that of 2008, when the economic crisis broke out.
Photo: Siebe Swart