As parts of Mediterranean Shipping Co.’s website come back online after being down for four days, the second-largest global container line’s decentralized network and forwarder customer base is allowing it to keep receiving cargo bookings and contain the disruption.
MSC hasn’t ruled out the culprit for the server outage at its Geneva headquarters being malware. The length of the disruption, however, lends credence to suspicions that an outside actor was behind the server outage, which took MSC’s website and booking platform offline late Thursday night.
And while a crippling cyber attack on Maersk in June 2017 may have woken the container shipping industry to a rising digital security threat, the MSC outage more closely resembles a 2018 attack on Cosco Shipping in terms of breadth and damage. By contrast, the attack on Maersk delayed its ships, crippled its marine terminals, and paralyzed its company email network. Maersk’s sister company and forwarder Damco was also negatively affected.
The cyber attack against Cosco in June 2018 only affected its Americas network for several days, hampering its ability to communicate with vessels, customers, vendors, and marine terminals, but the affected network was isolated from others. Similarly, MSC has said that the IT systems at its headquarters are separate from its agency's IT networks to prevent any “issue” in one from affecting the other networks.
Reliance on forwarders
Much of MSC’s customer base consists of forwarders and non-vessel operating common carriers (NVOs), and MSC has been able to lean on its non-asset partners, particularly those with sophisticated IT systems of their own.
When systems fail, there needs to “be qualified people at both ends,” Otto Schacht, executive vice president of sea logistics at Kuehne + Nagel, wrote in a LinkedIn post Saturday. “MSC staff all over the world informed us yesterday within minutes what to do, [the] CIO of MSC contacted me, [and] our Kuehne + Nagel seafreight experts came up with good solutions. The teams MSC has in place are working very hard to deliver a smooth operation.”
MSC, which was an upstart outsider in its early days, has never forgotten its roots serving NVOs, having initially had little access to direct beneficial cargo owner (BCO) cargo and thus maintains to this day deep-rooted loyalty to its NVO accounts. In doing so, MSC has made it clear on multiple occasions that having built its company on the back of NVO business, it would not then turn around and compete with forwarders on their own turf.
With the carrier’s online booking system still down as of Monday night, cargo owners and forwarded have been able to book cargo with MSC via INTTRA, a platform owned by supply chain software provider E2open, and Infor Nexus, another booking platform. MSC employees also continued to take bookings via email and phone. MSC’s decision to keep customer service operations out of its global offices, rather than offshore them as many of its peers have done, also gives it more bandwidth to assist customers owners unable to book via its in-house platform, myMSC.
Encouragingly, part of MSC’s website was operational again as of Monday afternoon, although problems with bookings persisted. Sources at both NVOs and shipment management software providers confirmed to JOC.com Monday evening that they have not been able to make online bookings with the container line, but have been able to do so by phone.