Operations at JNPT terminal affected by cyberattack: Centre

New Delhi, June 28

The central government on Wednesday confirmed that one of Jawaharlal Nehru Port Trust’s terminals had been affected by the latest ransomware attack that hit Ukraine’s government websites, the country’s banking services, Russian’s biggest oil company and spread to several multinational companies across western Europe on Tuesday.

"The (shipping) ministry has confirmed that one terminal at JNPT has been affected due to the attack at Maersk's Hague office," an official said on Wednesday morning.

(Follow The Tribune on Facebook; and Twitter @thetribunechd)

The government however said that there was no large-scale impact of the ransomware that some experts have identified as Petya.

"We have been taking proactive steps. We’ve sent out advisories (on the cyberattack and the malware). India is not much affected at this stage," Information Technology Minister Ravi Shankar Prasad said at a national convention here on 'Digitalization: Opportunities and Challenges'.

Shipping giant AP Moller-Maersk group, one of the affected entities globally, operates the Gateway Terminals India (GTI) at JNPT — which has a capacity to handle 1.8 million standard container units — confirmed that its operations were hit by a cyberattack.

"We can confirm that on Tuesday, June 27, AP Moller-Maersk was hit as part of a cyberattack named Petya, affecting multiple sites and select business units," Maersk said in a tweet. "We are responding to the situation to contain and limit the impact and uphold operations," the group said, adding they were "assessing and managing" the situation to minimise the impact on its customers and partners.

"We have been informed that the operations at GTI have come to a standstill because their systems are down (due to the malware attack). They are trying to work manually," a senior JNPT official said on Tuesday.

The official explained that JNPT was trying to help the company, but there was little that could be done because the malware had hit the system.

Fearing some clogging up of cargo, additional parking space is being made available, the official said.

The Hague-based APM Terminals also operates the Pipavav terminal in Gujarat.

Foreign media reports from the Netherlands capital The Hague quoting the pubcaster RTV Rijnmond said a new ransomware virus called Petya has hit 17 APM terminals, including two in Rotterdam and 15 in other parts of the world.

APM Terminals is a subsidiary of shipping giant Maersk, which has confirmed that it is suffering from a cyberattack.

"We can confirm that Maersk's IT systems are down across multiple geographies and business units due to a cyberattack. We continue to assess the situation. The safety of our employees, our operation and our customers businesses is our top priority. We will update when we have more information," the spokesperson said in a written statement issued globally.

The current attacks come weeks after the Wannacry ransomware attack, which affected systems of many companies.

Firms that were hit today include Russia's biggest oil company Rosneft, global advertising giant WPP Group and multiple institutions in Ukraine, including its central bank and an international airport.

An AFP report quoting the Ukrainian central bank said a cyberattack hit several lenders in the ex-Soviet republic, hindering operations and leading the regulator to warn other financial institutions to tighten security measures.

One of the victims of Tuesday's cyberattack, a Ukrainian media company, said its computers were blocked and it had received a demand for $300 worth of the Bitcoin crypto-currency to restore access to its files.

"If you see this text, then your files are no longer accessible, because they have been encrypted. Perhaps you are busy looking for a way to recover your files, but don't waste your time. Nobody can recover your files without our decryption service," the message said, according to a screenshot posted by Ukraine's Channel 24.

The same message appeared on computers at shipping giant AP Moller-Maersk offices in Rotterdam, according to screenshots posted on local media.

The Moscow-based cyber security firm Group IB traced the origins of the malware and the hackers to a code developed by the US National Security Agency (NSA) that was leaked and then used in the Wannacry ransomware attack that caused global disruption last month, according to the AFP report.

The global wire quoted a Ukrainian media company, which was hit, as saying its computers were blocked and it had received a demand for $300 worth of the Bitcoin crypto- currency to restore access to its files. — PTI/ Agencies