Shipping Company Maersk Says June Cyberattack Could Cost It Up To $300 Million

An anonymous reader shares an article: Container shipping company A.P. Moller Maersk on Tuesday said it expects that computer issues triggered by the NotPetya cyberattack will cost the company as much as $300 million in lost revenue. "In the last week of the [second] quarter we were hit by a cyber-attack, which mainly impacted Maersk Line, APM Terminals and Damco," Maersk CEO Soren Skou said in a statement. "Business volumes were negatively affected for a couple of weeks in July and as a consequence, our Q3 results will be impacted. We expect that the cyber-attack will impact results negatively by USD 200-300m." Maersk Line was able to take bookings from existing customers two days after the attack, and things gradually got back to normal over the following week, the company said. It said it did not lose third-party data as a result of the attack.

Just patch it.

[ErikTheRed]

Maersk claimed that “updates and patches applied to both the Windows systems and antivirus were not an effective protection.” Garbage. The patches against this attack were released in mid-March and April. They got hit at the end of June. There's no good reason to delay patching endpoints for more than a week at most, Most problematic patches for mainstream operating systems are pulled within 24-48 hours, so even three days is fairly conservative now.