Cyber Resilience: Lessons from an International Shipping Firm

An international shipping company fell victim to a serious cyber attack. The IT manager was urgently notified by the National Cybersecurity Agency (NCA) that their company’s information had been flagged on a list of potential targets compiled by an international cyber criminal group.

The client found themselves without any cyber security measures or insurance coverage. Faced with this dire situation, they promptly turned to TSG for assistance.

TSG launched into action, executing a comprehensive incident response plan. Our experts meticulously examined the client’s IT systems and network environments, identifying points of compromise and swiftly shutting down systems and accounts associated with the threat actor.

Following this, we orchestrated the restoration and recovery of the affected systems, effectively minimising the incurred damages.

The impact of the cyber attack was severe: the client’s essential systems, including Active Directory and the warehouse management system, were inoperative for extended periods, even during weekends, to facilitate the threat remediation process. This led to significant downtime for the business, resulting in substantial financial losses.

Despite the breach, it is worth noting that the threat actor failed to activate any malicious software, suggesting that they gained access through a zero-day vulnerability in the client’s firewall router.

The downtime, which primarily affected key systems such as Active Directory and the warehouse management system, had considerable financial implications. Even without accounting for business interruption costs, the financial impact was substantial.

To significantly reduce their exposure to such cyber security threats, the organisation could have adopted several proactive measures. These include robust cyber security controls, such as a comprehensive patch management policy for hardware, a stringent password policy enforcing the use of complex passwords throughout the organisation, and multifactor authentication (MFA) on vital systems to prevent unauthorised access.