We know the Chinese play by their own rules when it comes to cyber attacks. Apparently, that extends to breach notification, as well
"Due to local network breakdown within our America regions, local email and network telephone cannot work properly at the moment."
But it wasn't long until the Journal of Commerce reported the company had actually been hit with a cyber attack, as you see in this tweet:
Next, The Long Beach Press-Telegram confirmed with a company spokesperson that a ransomware attack was the "network breakdown" and the company's website and
And there is more.
COSCO has now issued three updates on the situation, but has never mentioned the words cyber attack or ransomware in any of them.
But it almost did.
This morning's update says the following: "After the network security problem in the Americas has been detected, to protect the interests of our customers, we have taken proactive measures to isolate internal networks to carry out technical inspections on
Did you catch that? The company switched from "network breakdown" to "network security problem." The company also says this: "We have started contingency plans, such as transfer of operations and conducting operation via remote access...."
Those plans include setting up a long list of Yahoo and Gmail email accounts and addresses for COSCO customers to communicate with the company. We're talking dozens of these accounts.
That complete list of addresses was published July 26,
Here is what we also learned in the FAQ under the heading "Network Problem."
- By Americas, COSCO means the following: "The network failures affected areas include the United States, Canada, Panama, Argentina, Brazil, Peru, Chile
- These are the impacted networks: "Email systems in
US, Canada, Panama andPeru are temporarily unavailable. Internet phone systems in US, Canada, and Panama are temporarily shut down."
- This cyber incident is not impacting ships. "All the vessels of our company are operating as normal."
Is it possible the company meant to announce a cyber attack or ransomware attack but the news was lost in translation?
The latest update says this: "... and we are expecting your kind understanding."
Not exactly how most companies would have worded it.