Blinded by Cyberattack, Shipping Giant Maersk Slowly Restarts Operations

A.P. Moeller-Maersk A/S, the world's biggest containership operator, is still struggling to restore its global computer network after a major cyberattack this week forced the company to rely on phone calls and texts to keep operations going.

"I was in a meeting when it happened," Chief Operating Officer Vincent Clerc said in an interview from the company's headquarters in Copenhagen. "Screens went blank, the whole network was hit in a few minutes. We were surprised because you don't expect something like this to happen."

Maersk suffered computer outages at its APM Terminals at ports in the U.S., Europe and India. It stopped taking new cargo for almost three days and is still working to restore basic communications like email.

Containers piled up at ports because they couldn't be loaded on trucks, trains or other ships as there was no access to end-user destination data. "In Los Angeles containers were unloaded, but it was hard to operate the gate and forward them to customers," Mr. Clerc said.

APM Terminals in New Jersey and Los Angeles started delivering imports Friday, though neither site is yet accepting containers loaded for export. APM's Elizabeth, N.J., facility is its largest on the East Coast and typically processes about 4,500 containers a day, according to Giovanni Antonuccio, the terminal's manager of client services.

APM facilities in Mumbai, Buenos Aires and other foreign ports are also back in operation, though the Maasvlakte II terminal in the Netherlands, one of two APM facilities in Rotterdam, hasn't yet reopened.

"We are making progress in taking new orders since yesterday and expect to return to some kind of normalcy on Monday," Mr. Clerc said.

Once Maersk realized it was hit by a cyberattack it shut down its entire network to protect its applications from being infected. "We didn't kick in the backup system because we feared it would be infected as well," Mr. Clerc said. Instead the company resorted to a mostly manual system and used mobile and satellite phones to communicate with ships, terminals and clients.

Security experts said that while the virus appeared to be a variant of "ransomware"--dubbed Petya, the cyberattack appears to have been designed to cause disruption rather than make money. The virus spreads quickly from system to system, locking data and rendering computers inoperable.

Other companies that reported disruptions included U.S. pharmaceuticals firm Merck & Co., British advertising giant WPP Group PLC and Russian oil producer PAO Rosneft.

--Jennifer Smith contributed to this article.

Write to Costas Paris at costas.paris@wsj.com

(END) Dow Jones Newswires

June 30, 2017 16:41 ET (20:41 GMT)