Malware attack: Ransomware hits operations at JNPT terminal, Gujarat port; APM terminals hacked globally

Mumbai: India’s largest container port JNPT, operated by AP Moller-Maersk, and the global firm’s two facilities in the country were affected by a ransomware attack, severely disrupting services. Apart from its terminal at Jawaharlal Nehru Port Trust (JNPT) in Pipavav in Maharashtra and a port in Gujarat, two APM facilities in the country – a container depot in Dadri and a container freight station – were affected in the global malware attack. “The Pipavav terminal, ICD Dadri and CFS Nhava Sheva managed by the APM Group have also been affected by the cyber attack,” JNPT said in a statement tonight. A high-level meeting was held on Wednesday between National Cyber Security Coordinator Gulshan Rai, who rushed to the city following the attack, Chief Commissioner Customs and Excise, JNPT Chairman and Inspector General-Cyber Maharashtra, according to the JNPT release. “The central IT infrastructure of AP Moller-Maersk (APM) installed at the Hague has been affected by a cyber attack on 27th/28th June 2017…the IT infrastructure of Terminal, installed, managed and operated at AP Moller-Maersk at JNPT also got affected due to cyber attack on their central IT infrastructure,” the statement said. The IT team of AP Moller-Maersk together with the IT companies in the country are working to restore the systems and resume cargo operations, it said. However, restoration of their IT infrastructure is linked with restoration of their global IT systems, it added. Apart from making additional parking space available to avoid congestion and clogging of cargo, JNPT and DP World are also extending berthing to vessels bound for APM’s terminal, it said. The impacted terminal handles 4,500 containers per day on both export and import front. The JNPT port, which consists of three terminals, has a capacity to handle 4.5 million standard container units, and GTI Terminal has a 1.8 million TEU capacity. TEU is short for twenty foot equivalent unit and measures the capacity of a container ship and terminal. [caption id=“attachment_2651068” align=“alignleft” width=“380”]  JNPT. Reuters[/caption] The firms that have been hit by the attack, which comes within a month of ‘WannaCry’ malware, include Russia’s biggest oil company Rosneft, global advertising giant WPP Group and multiple institutions in Ukraine, including its central bank and an international airport. Earlier on Wednesday, JNPT, India’s largest container port, asked the operator AP Moller-Maersk to divert traffic of its terminal hit by the ransomware attack to other two units after operations slowed. “There is a slowdown in operations at the GTI Terminal and we have to reduce the impact on the Exim trade. So, we have asked them to divert traffic to the other two terminals,” a senior port official had told PTI. “Right now, we understand that it is a global issue at a group level where 75 ports have been affected. This is being addressed by the company and we do not know how long it would take to resolve the issue,” the official said. APM confirmed that it has been partially impacted. “AP Moller-Maersk was hit as part of a global cyber attack affecting multiple sites and business units. There has been a partial impact at APM Terminals (Gujarat Pipavav Port Ltd). We are responding to the situation to limit the impact and uphold operations,” a spokesperson said in a statement. In a Facebook post, Maersk Line also confirmed that APM Terminals has been impacted at a number of ports.