Maersk rebuilt its entire IT infrastructure to recover from NotPetya
The company, which handles a fifth of the world's shipping, operated for 10 days with no IT
Shipping firm AP Moller-Maersk had to reinstall thousands of PCs and servers to recover from the NotPetya ransomware attack that affected it last summer, it has said.
Over the course of 10 days in June and July, Maersk - the world's largest container shipping company - struggled with administrative chaos, as many of the 76 ports it operates in dealt with NotPetya.
Cancellations and delays caused up to $300 million in lost revenues, Maersk said in August. US pharmaceutical company Merck and courier service FedEx put similar price tags on the effects.
The company has now provided an insight into the cost of the ransomware attack from an IT standpoint, which involved reinstalled more than 45,000 PCs, 4,000 servers and 2,500 applications.
"We basically found that we had to reinstall an entire infrastructure" - Jim Hagemann Snabe, Maersk chairman
Maersk's chairman, Jim Hagemann Snabe, shared the details while participating in a cyberspace security panel at the World Economic Forum in Davos, Switzerland. He said:
"The impact of [NotPetya] is that we basically found that we had to reinstall an entire infrastructure," Snabe continued. "We had to install 4,000 new servers, 45,000 new PCs, 2,500 applications.
"And that was done in a heroic effort over ten days. Normally - I come from the IT industry - I would say it's gonna take six months. It took ten days." Snabe joined SAP as a trainee in 1990, and worked his way up to CEO in 2010.
10 days withour IT
Snabe added that, in the aftermath of the attack, Maersk had almost no IT systems to fall back on:
"Imagine a company where a ship with 20,000 containers would enter a port every 15 minutes, and for ten days you have no IT.
"It's almost impossible to even imagine. And we actually overcome that problem with human resilience. We only had a 20 per cent drop in volume, so we managed 80 per cent of that volume manually… Customers were great contributors to overcoming that."
Although the effects of NotPetya were devastating, Snabe can now see the positive side: "It was an important wake-up call. We were basically average when it comes to cyber-security, like many companies. And this was a wake-up call to become not just good - we actually have a plan to come in a situation where our ability to manage cyber-security becomes a competitive advantage."
You can watch the panel in which Snabe was talking below.