Wan Hai Hit By Cyberattack

Over the weekend, hackers took down the public-facing website of Taiwanese container carrier Wan Hai Lines. The identity of the hackers has not been determined.

Wan Hai has confirmed the attack to Taiwanese media, and said that it has retained the services of foreign cyber experts to try to determine what went wrong. The shutdown affected the public-facing website beginning April 18. The incident has not affected the company's physical operations, Wan Hai said, and no breaches of internal data have been discovered. 

As of Monday, Wan Hai's main website was back up and visible to the public - with an added anti-DDOS identity verification step. Wan Hai said in a statement that the appropriate authorities have been informed of the attack. 

Wan Hai is just the latest in a long string of maritime businesses to encounter cyber disruption, most related to ransomware. Maersk suffered what may have been the worst cyber incident in the sector in 2017, when a Russia-linked malware virus took down business systems at its global APM Terminals division for days. This cut Maersk's worldwide shipping volume by an estimated 20 percent overnight; the recovery effort took months, and the overall impact cost Maersk at least $300 million in business disruption, network reconstruction and client reimbursement costs.

Unlike the common hack-for-profit scams seen in shipping, the Maersk/APM incident was an engineered nation-state attack on a specific target, with Western businesses suffering collateral damage. Most shipping companies encounter more benign ransomware schemes, perpetrated by financially-motivated hackers who can be paid to restore access.