A.P. Moller-Maersk, the world’s largest container shipping company, has said that it expects as much as a $300 million fall in profits after the June 27 ransomware incident, the firm noted in a public report.
Maersk executives said they expected losses of between $200 million and $300 million — which will be reflected in the next earnings report — because of a “significant business interruption” caused by the spread of a ransomware variant known as NotPetya inside corporate networks.
The disclosure was attached to Maersk’s second-quarter earnings report.
On June 27th, Maersk became one of the most high-profile victims of the cyber-attack, which hit about 7,000 companies globally. It was distributed through Ukrainian accounting software called MeDoc, used for filing tax returns in the country.
“The MeDoc software contained back-doors into the networks of users of the software, which were used by the malware to enter via the software’s automatic update system,” said the company.
The malware was ring-fenced and only impacted on the container -related businesses of Maersk Line, APM Terminals and Damco, said the company – with the vast majority of the impact in Maersk Line.
“While the businesses were significantly affected by this cyber-attack, no data breach or data loss to third parties has occurred,” said the company. Skou added that business and volume levels were back to normal two weeks after the attack.
The other six of the group’s nine businesses, including energy, were able to maintain normal operations, said Maersk.
“The malware was contained to only impact the container related businesses of A.P. Moller – Maersk, and therefore six out of nine businesses, including all Energy businesses, could uphold normal operations,” Maersk stated. “These system shutdowns resulted in significant business interruption during the shutdown period, with limited financial impact in Q2, while the impact in Q3 is larger.”
According to research conducted by Kaspersky Lab and ESET, the “patient zero” behind Petya is a popular Ukrainian accounting software firm named M.E. Doc. A booby-trapped software update was rolled out by the company to unsuspecting users earlier this year. A hacker was able to penetrate M.E. Doc at some point in time and infect the company’s software update mechanism. Ukraine police ultimately shut down operations and confiscated hardware from M.E. Doc in early July.
Even with these losses, the company is forecast to improve on last year’s figure of $711 millions of underlying profits for the year to the end of December, according to commentary in the second quarter results announcement covering the period to the end of June.
“The main reason for the improvement in result is the underlying fundamentals in container shipping and that is of course very positive for both Maersk Line and APM Terminals,” said CEO Søren Skou during a call with investors.
Maersk Line reported a profit of $339 million in the three months to the end of June, after four consecutive loss-making quarters.
“We are recovering from a dire 2016,” said CFO Jakob Stausholm during the call.
Photo courtesy of Buonasera