conti attacks TST Logistics
Incident Date:
March 9, 2022
Overview
Title
conti attacks TST Logistics
Victim
TST Logistics
Attacker
Conti
Location
First Reported
March 9, 2022
Maersk Logistics Suffers Ransomware Attack by Conti Group
Maersk Logistics, a global transportation and logistics company, has reportedly been targeted by the ransomware group Conti. The attack was announced on the group's dark web leak site, and while the specific details of the attack are not yet available, it is known that Maersk operates in the transportation sector and has a significant presence in the shipping industry.
Company Overview
Maersk is a Danish conglomerate with a workforce of nearly 90,000 employees and operations in 130 countries. The company is known for its extensive shipping and logistics services, including container shipping, supply vessel operations, and terminal management.
Industry Standout
Maersk is a leading player in the global shipping industry, with a significant market share and a reputation for innovation and efficiency. The company has been recognized for its efforts in improving cybersecurity, particularly in the wake of the 2017 NotPetya ransomware attack, which forced the company to reinstall 4,000 servers, 45,000 PCs, and 2,500 applications.
Vulnerabilities
Despite its efforts to improve cybersecurity, Maersk has been targeted by ransomware groups in the past. The 2017 NotPetya attack, which was traced to compromised tax-accounting software widely used in Ukraine, caused significant disruption to the company's operations. The attack was particularly devastating due to the widespread use of the EternalBlue exploit, which targeted unpatched Microsoft Windows systems.
The Conti ransomware group's attack on Maersk Logistics underscores the ongoing threat of cyberattacks in the transportation and logistics sector. While Maersk has demonstrated its ability to recover from such attacks, the cost and disruption caused by these incidents highlight the need for continued vigilance and investment in cybersecurity measures.
Sources
- Maersk Logistics Website
- The Loadstar: Maersk says posted data is not current and not from attack by hackers
- ZDNet: Maersk forced to reinstall 4000 servers, 45000 PCs due to NotPetya attack
- Los Angeles Times: Cyberattack cost Maersk as much as $300 million and disrupted operations for 2 weeks
- Reuters: Maersk says global IT breakdown caused by cyber attack
- Industrial Cybersecurity Pulse: Throwback Attack: How NotPetya Ransomware Took Down Maersk
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.