In an update Thursday, Maersk Line gave more information into the causes and effects of the Petya cyberattack, which struck its core business IT systems on June 27. Its damage took Maersk weeks to fully repair.
Maersk Line reported that its operations and communications were significantly affected by the attack, but "no data breach or data loss to third-parties is known to have occurred as of this date." Customer systems connected to Maersk's IT were not affected and were not at risk, as confirmed by Maersk's internal staff and by external cyber experts, who report that Petya is not able to spread between networks.
In the wake of the attack, many external observers wondered whether Maersk Line's servers were properly patched and updated. Petya used an exploit similar to the "WannaCry" malware to move between computers running older, un-patched versions of Windows. Maersk Line said that patches and antivirus software were not an effective form of protection against Petya, and that it has added new defenses.
The carrier said that intends to conduct an internal review after its systems are back up to normal, and will share lessons from the attack with its customers and partners.
Progress towards full recovery
On Monday, Maersk Line brought its ETA change notifications service back online, one of its last customer-facing electronic features to return to normal. In addition, its mobile tracking application for Android devices is back up, and it expects the app for iOS to be back in service at the end of this week.