Shipping giant Maersk was forced to reinstall its entire IT environment in 10 days to recover from the NotPetya malware in June last year.
Chairman of AP Moller-Maersk, Jim Hagemann Snabe, revealed the full extent of damage caused by the infection while speaking at the World Economic Forum in Switzerland overnight.
NotPetya hit a range of big businesses when it was released into the wild in June last year, encrypting computers and demanding a ransom. It is suspected the malware's real purpose was to infect computer infrastructure in the Ukraine.
Snabe - who is a former co-CEO of SAP - said Maersk was forced to revert to manual processes for 10 days while it had “no IT” systems worldwide.
“We basically found that we had to reinstall an entire infrastructure,” Snabe said.
“We had to install 4000 new servers, 45,000 new PCs, 2500 applications, and that was done in a heroic effort over 10 days.
“Normally - I come from the IT industry - you’d say that’s going to take six months. I can only thank the employees and partners that we had doing that.”
While the restoration work occurred, the rest of the company set about manually processing the enormous volumes of containers in the supply chain.
Snabe said Maersk is responsible for shipping around a fifth of containers worldwide, and, on average, a ship laden with between 10,000 and 20,000 containers arrived at a port every 15 minutes.
“Imagine a company where a ship with [those volumes] enters a port every 15 minutes and for 10 days you have no IT. It’s almost impossible to even imagine,” he said.
“We actually overcame the problem with human resilience.
“We only had a 20 percent drop in volumes so we managed 80 percent of that volume manually - and our customers were great contributors to overcoming that.”
The incident has unsurprisingly had a lasting effect on the company.
Snabe described it as a “significant wake-up call”. It’s also been an expensive one, with financial damage of between US$250m and $300m.
Snabe said the infection showed Maersk was “basically average when it comes to cyber security”.
“This was a wake-up call to become not just good [at cyber security]. but [to get to a point] where our ability to manage cyber security becomes a competitive advantage,” Snabe said.
“That’s the ambition that we have.”
He used the platform of the World Economic Forum meeting to call for industry-wide efforts to redouble around infosec and securing the internet.
“We are quite a technologically driven company, with more than 90 percent of all orders coming through the internet,” he said.
“But the next level of dependency on digital will be everything is digital. All the documents are digital, the boats will be autonomous, and hence the criticality of the infrastructure becomes even more urgent.
“You can not overcome [attacks] with human resilience anymore.”
He called for a “radical improvement of the internet infrastructure and understanding and collaboration between companies, technology companies, and law enforcement” to offset lingering risks around digitisation.
Fellow logistics company TNT was also among the large firms infected by NotPetya. It warned last year that some of the damage from the malware was likely to be permanent.