MSC reported Friday that a network outage is affecting systems at its Geneva headquarters, and that a cyber attack might be responsible. As of Tuesday 16:00 GMT, the MSC website is still down and the company has released very little new information. General operations appear not to be widely impacted yet, but precedent shows that an operational disruption can be extremely value destructive to a company like MSC.
If the incident is confirmed to be caused by a cyber attack, this serves as a reminder that disruption risks to company’s operations are the costliest threat posed by poor cyber governance.
A billion-dollar global company, MSC’s 571 container ships account for 16% of global TEU capacity (a rough measurement of shipping capacity). With COVID‑19 disruptions to global trade already representing an enormous strategic challenge to the shipping industry, MSC can ill afford to deal with a cyber attack-driven operational disruption such as the one faced by Maersk in 2017. As a reminder, the NotPetya attack disrupted Maersk’s operations for 2 weeks, resulted in a 20% reduction in shipping volume during the outage, caused $300m in direct economic damage, and by Cyberhedge’s analysis led to $8.4b in value loss to Maersk shareholders.
While MSC claims that clients can still contact the company using secondary methods such as via phone, email or through local offices, the ongoing shutdown of its website and myMSC booking system is likely to prove costly, with the damage increasing with each hour that the systems are down. Maersk undertook unprecedented efforts to get its systems back online. In today’s digital-first environment, customers depend on these systems to keep track of their own business links with partner companies such as MSC, and operational shutdowns can cause costly disruptions that quickly ripple through vulnerable just-in-time global supply chains. These supply chains are badly stretched already currently due to COVID‑19, adding to the pressure on MSC to quickly restore control of its IT systems in order to return to normal operations. If the disruption was in fact caused by a cyber attack, MSC will then need to move to address the underlying cyber weaknesses that contributed to the breach to reduce the likelihood of a future disruption.