© Pop Nukoonrat
Maersk denies it has been cyber-attacked by hacker group Nameless Sudan, regardless of leaked buyer credentials showing on social media.
The group posted a .txt file with a number of usernames and passwords of Maersk clients on its telegram channel, alongside AI artwork and threats of assaults in opposition to different Swedish and Danish corporations, citing as its motivation “their burning of the Quran”.
“We’ve got extra knowledge, that is only a pattern,” learn the submit, however Maersk says it’s not apparent whether or not the info is present.
Spokesman Jonatan Rying Larsen stated: “There is no such thing as a indication of any breach or compromise of Maersk techniques.
“We’re conscious of a declare that knowledge purporting to be ours has been printed by cyber criminals. There may be proof of credentials belonging to a really restricted variety of each energetic and inactive particular person clients have been obtained by cyber criminals outdoors our techniques. This was instantly recognized and countered by our facet.
“We take knowledge leaks extraordinarily critically and will probably be investigating this absolutely.”
It’s doable the info is the aftermath of the 2017 NotPetya ransomware assault in opposition to Maersk, which locked the corporate’s techniques. In a ‘double extortion’ ransomware assault, knowledge resembling passwords is first copied by hackers after which encrypted for ransom.
“There’s a chance this might be earlier knowledge from a double ransomware assault,” Ken Munro, of PenTestPartners, advised The Loadstar. “If the info is present, it’s indicative of a present breach. But it surely might be that somebody stumbled onto the info on the darkish net and assumed it was present. Knowledge on the darkish net is troublesome to attribute and date.”
“It might be one in every of their transport brokers that’s been breached. That’s in all probability extra doubtless, as Maersk has spent plenty of money and time enhancing cybersecurity.”
A February report by German cybersecurity agency Truesec means that, removed from being motivated by Islamic fundamentalism, Nameless Sudan is a Russian state-sponsored hacker organisation utilizing a plausibly deniable cowl to intrude with Sweden’s software to affix NATO.
The Maersk information happens in opposition to a backdrop of elevated cyber-risk in transport following a DNV hack this yr and a rising emphasis on concentrating on transport for monetary achieve, in accordance with an ENISA report this week.
“Criminals observe the cash,” stated Mr Munro. “In the event you’re seeking to make some huge cash, you’d be higher off taking a look at an business the place some huge cash is transacted and has much less mature cybersecurity techniques. Maritime… is a distributed, difficult, world community with a number of factors of entry, a number of methods to get issues flawed and, maybe, a historic unwillingness to put money into cybersecurity.”