Skip to main content
close search
site logo
Dive Brief

Maersk reconstructed entire IT infrastructure in 10 days following Nyetya

Published Jan. 29, 2018
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Maersk Line

Dive Brief:

  • Following last June's global wiper cyberattack Nyetya, also known as NotPetya, shipping giant Maersk was forced to reinstall more than 4,000 servers, 45,000 PCs and 2,500 applications in just 10 days, according to Jim Hagemann Snabe, chairman of Maersk, reports Bleeping Computer.

  • "We basically had to reinstall an entire infrastructure," said Snabe, speaking on a panel at the World Economic Forum in Davos, Switzerland last week. The process of reconstructing such massive infrastructure would normally take at least six months, he said.

  • During that time, Maersk was operating essentially without IT and experienced "a 20% drop in volume," according to Snabe.

Dive Insight:

Nyetya, a variant of the ransomware Petya which originated from a hacked Ukrainian website and spread through a false Windows update, struck late last June.

Nyetya spread quickly through the EternalBlue exploit, which was also the tool used in May's WannaCry attackHowever, unlike WannaCry, Nyetya was only disguised as ransomware. The malware was a wiper, and researchers concluded that impacted users would not be able to regain their lost data.

Because Nyetya was designed to "spread fast and cause damage," according to researchers, victims were left with little recourse. Nyetya ultimately cost Maersk between $250 million and $300 million.

From the time of the attack to mid-August, the company had to effectively shut down various global Maersk Group operations. As a result, Maersk's customers were "diverting their bookings" during the initial two-week outbreak, which cost the company a 2.5% decline in Maersk Line volumes.

Overturning an entire technical infrastructure in just 10 days speaks volumes to Maersk's IT workforce. Still, with a proper foundation in cybersecurity, companies are less likely to feel the impact of a global cyberattack.

Reinforcing stricter authorization could also help save a company from massive destruction. After all, one of the ways Nyetya was able to spread so quickly was by automatically stealing company credentials once the code was released.

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
PointFive is Apparently the Hottest Cloud Startup, Here is Why
From Jordan Mitchell
November 21, 2024
New Research Reveals AI's Impact on IT's Power, Status, and Pay
From 1E
November 21, 2024
Newgen and Fadata Join Forces to Optimize Insurance Content Management
From Newgen Software
November 13, 2024
Graphiant Predicts Transformative Changes in Enterprise Connectivity and Data Assurance for 20…
From Graphiant
November 20, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell