Event: Cyberattack, 2017
In June 2017, operations at one of the three terminals of the Jawaharlal Nehru Port Trust (JNPT) were disrupted by a global cyberattack on its port operator, the Danish AP Moller-Maersk. JNPT is a major transshipment hub in South Asia (Jadhav R., & Rocha E., 2017).
Causes and impact
A global cyberattack using the NotPetya malware created a major security breach and had a severe and global impact on AP Moller-Maersk operations, and affected all of Maersk’s ports and partners. The JNOT terminal temporarily closed, while containers piled up outside the port due to technical delays in loading and unloading. Congestion also involved trucks in the hinterland.
Response and mitigation measures
A substitute port, Gujarat Pipavav Port, also operated by APM Terminals, was identified to limit the disruption. Disaster management was led directly by Maersk, as the whole company’s IT system was down and severely threatened. Meanwhile, JNPT port brought in cyber experts to prevent further damages from the security breach. It also made alternative arrangements to divert container traffic. Planning for congestion, the JNPT worked with local authorities to identify more storage areas for containers being stranded. Traffic control teams were deployed to address anticipated road congestion.
Lessons learned and good practice
- A digital transition should be accompanied by measures and tools to protect data and systems security.
- Prevention alone is not sufficient. Automated detection and response systems are necessary, as is limiting the number of privileged accounts.
- Cyberattacks are a business and commercial problem, and not only a technology problem. Therefore, partnerships between management and IT are crucial for handling cybersecurity threats.
- Collaborate among ports and stakeholders, including competing ports to ensure that flexible arrangements can be found amid crises and disruptions (e.g. e-route traffic and plan for reducing congestion).