Japanese shipping company Kawasaki Kisen Kaisha, known as “K” Line issued a brief statement today confirming that its computer systems have once again been breached with “unauthorized access to overseas subsidiary systems.” One of Japan’s oldest and largest shipping companies, with a fleet of more than 400 ships, “K” Line had only recently recovered from a previous cyberattack also through an overseas affiliate of the shipping line.
“We offer our sincerest apologies for any complications and concerns that this may bring to our potentially impacted customers and stakeholders,” the company said in its official statement dated July 1. “We are aware that information and data alleged to have been acquired from an overseas subsidiary system was published recently.”
The company said that an investigation is ongoing, but that it has found no indication that the unauthorized access continues. “We have engaged outside experts who are currently conducting investigations on the authenticity of such information and the details of the facts.”
Just over three months ago, on March 18, 2021, “K” Line also reported that it was experiencing system disruptions in some of its enterprise systems. In that instance, the company said it suspected the failure was due to a malware infection introduced through its overseas affiliate. While they believed that there was no loss of data, and they reported that the operations of their global fleet was not impacted, the company was however forced to temporarily shut down its enterprise systems and its external connections.
Ten days after the prior breach was discovered, “K” Lines reported that some of its systems had been recovered. The line stated that it was resuming operations step by step but it was not until April 21 that they reported that the recovery had been completed.
During the recovery, they reported that multiple virus scan programs were installed on all PCs to strengthen security and tighten control on each PC. They also said that they were reinforcing security measures against viruses and external attacks with better early detection and better control of important information. They said a full incident investigation and review of existing security measures were being carried out with external systems experts.
This latest incident once again highlights that cybercriminals are targeting the shipping industry, Korea’s shipping company HMM also recently reported that it also experienced an attack and there were reports in Korean media that shipbuilder Daewoo Shipbuilding & Marine Engineering Co. was also being investigated for a potential cyber breach. In that instance, it was feared that the criminals might have been seeking classified information on the country’s submarines. Last year, there were several high-profile cyberattacks, including one that took shipping giant CMA CGM Group offline worldwide and one that interrupted some meeting capabilities of the International Maritime Organization.