Companies Work to Contain Fallout From Global Cyberattack

Global firms scrambled to cope with fallout from a cyberattack that disrupted computers across Europe and the U.S., as A.P. Moeller-Maersk, the world's biggest containership operator, shuttering terminals around the world.

Many firms affected said their day-to-day operations hadn't been significantly affected, but said they had been forced to isolate computer systems. In Ukraine, the country that appeared most affected by Tuesday's attack, the government said it had halted the spread of the virus and that key government and business systems were stable.

The one big exception to that relatively muted response: Maersk, a key cog in the world's global supply chain. Whether its various port closures might ricochet more globally will come down to how quickly Maersk restores systems, shipping experts said.

Coordinating ship arrivals, unloading containers and then scheduling storage and trucks to move products out of ports requires a high degree of coordination and efficiency. A big back up in a single port can reverberate more widely quickly.

Maersk said early Wednesday it was still coping with widespread computer outages at its terminals around the world. It said its APM Terminals subsidiary, which runs those ports, was affected by the virus.

"IT systems are down across multiple sites and select business units," the company said Wednesday.

On Tuesday, APM terminals in New Jersey and Los Angeles had been closed. The Dutch port of Rotterdam, one of Europe's biggest, said Wednesday that two container terminals operated by Maersk's APM had stopped activities.

"So far only the two APM terminals are affected. The port is still running at three quarters of its capacity," said Martijn Pols, a spokesman with the Port of Rotterdam.

In Spain, Maersk's APM terminal at the port in Barcelona is currently closed, according to an official. Terminals at Valencia, Castellon and Gijon were all operating. In a tweet, the Barcelona port said the APM terminal "has been affected by the Petya cyberattack and is working to resolve" the problem.

Maersk Line vessels are maneuverable, able to communicate and crews are safe, Maersk said. The company said it has contained the issue and is working on a technical recovery plan with its IT-partners and global cybersecurity agencies.

However, the carrier said it wasn't taking new bookings or offering quotes at the affected terminals.

"We have shut down a number of systems to help contain the issue," it said. Maersk said its oil, drilling, supply services, tanker and other divisions weren't operationally affected.

The origins of the virus affecting computers were still unknown early Wednesday. Security experts described the computer disruption as a cyberattack and said the virus -- dubbed Petya -- appeared to stem in part from an obscure Ukrainian tax software product. A type of "ransomware," the bug locks data and asks for ransom, and spreads quickly from computer system to system -- in this case across Ukraine, Russia, Europe and the U.S. There were few reports from Asia of disruptions.

The ransomware was designed to spread within corporate networks running Microsoft Corp.'s Windows operating system, but didn't appear to be harming consumers, security experts said. A Microsoft spokeswoman on Tuesday said that the company was investigating the outbreak.

Other firms said they also were still recovering from the virus Wednesday.

A spokeswoman for Saint-Gobain, the French building-materials group, said it had been affected by the virus and had isolated computer systems to protect data. "Our production lines are still operational and we continue to serve our clients," it said in a statement.

A spokesman for France's state railway operator SNCF said their systems had been attacked, but there had been no impact on the company. "Our trains are running, all our booking systems are functioning normally, and no major IT dysfunction has been recorded." he said.

Valentina Pop in Brussels, Nick Kostov in Paris, Deborah Ball in Rome and Jennifer Smith in New York contributed to this article.

Write to Dominic Chopping at dominic.chopping@wsj.com and Costas Paris at costas.paris@wsj.com

(END) Dow Jones Newswires

June 28, 2017 07:22 ET (11:22 GMT)