The Hack of the Port of Rotterdam: A Wake Up Call?
On the 27th of June in 2017 an unexpected cyber-attack put the port of Rotterdam in a complete chaos. A so called (not)Petya-virus took the whole operating system of two of the largest terminals (APM terminals) down, which directly resulted in cranes which stopped moving and containers that kept dangling in air. Subsequently, it took the responsible companies several weeks to repair their systems in order to operate normally again. Total financial damage? Hundreds of millions of euros. Was this hack an incident, or is Cyber Security becoming more relevant than ever?
In a business environment where innovative digital systems and digitization are becoming the norm, and where the majority of companies possess sensitive and personally identifiable information, the importance of cyber security is bigger than ever, and therefore, should be addressed more often.
The hack of the container terminal in the port of Rotterdam portrayed that every company in every industry can potentially be a target of cyber criminals. Motives from these hackers can range from obvious reasons such as money to simply seeing a challenge or even ‘having fun’ in hacking an (large) enterprise. Research shows that it is often financially more advantageous to invest in a sophisticated cyber security program beforehand. The occurrence of a hack could do enormous financial and reputational damage to any company, as was the case with the hack in the port of Rotterdam.
This warning seems redundant, as it is obvious that all companies need advanced data security. However, more than 77% of organizations still do not have a Cyber Security Incident Response Plan and over 80,000 cyber-attacks are being executed daily. Furthermore, 43% of cyber-attacks is aimed at small businesses which have little to no cyber security awareness (Cybint, 2020).
So, we now understand that cyber security is crucial in all businesses. But, what should companies focus on first?
AT&T (2020) came up with five easy ways to improve cyber security in a company:
1. Enforce password rules
2. Update regularly
3. Implement VPNs for all connections
4. Retire all unused services
5. Leverage existing security options
Be aware, be secure!
———————————————————-
https://www.rtlnieuws.nl/economie/artikel/4631/apm-terminal-rotterdam-gedwongen-plat-door-herstelwerk-na-hack
https://www.ad.nl/rotterdam/cyberaanval-ontwrichtte-haven-het-blijft-niet-bij-deze-hack~a9df8631/?referrer=https%3A%2F%2Fwww.google.com%2F
https://www2.deloitte.com/nl/nl/pages/academy/articles/cyber-security-as-an-opportunity-in-the-golden-age-for-hackers.html
https://www.business.att.com/learn/tech-advice/5-easy-ways-to-improve-your-cybersecurity.html#
https://www.klevenberg.com/rotterdam-port-arms-itself-against-a-new-cyber-attac
https://www.cybintsolutions.com/cyber-security-facts-stat/
Cyber security is important subjects for companies who running business. However, still, it is costly to build proper protection system for defense those kinds of threats. I think company should examine more clearly for cyber security. By expecting which kinds of threats can occur and what is the result from the threats, they can think about this topic.
Thank you for your blog post Ablo, it is very insightful! I definitely agree that cyber-attacks are something that companies have to take seriously and be proactive about. For example, in March of 2019 a ransomware attack was performed on Norsk Hydro, one of the worlds largest aluminum companies, and they lost access to their website, network and self-managed IT. It would take months until it was business as usual at the company, due to them not willing to pay the ransom.
A parallel can be drawn between the hacking of the port and Hydro, as both are essential companies for the economy to function properly, and without them there will be more uncertainty in the market. In the case of Hydro they opted for transparency around the incident so that other companies would be able to be proactive to and aware of such a ransomware attack.
References:
https://news.microsoft.com/transform/hackers-hit-norsk-hydro-ransomware-company-responded-transparency/
https://doublepulsar.com/how-lockergoga-took-down-hydro-ransomware-used-in-targeted-attacks-aimed-at-big-business-c666551f5880