UN Maritime Shipping Agency Forced Offline

The United Nations (UN) agency for international maritime shipping came under a cyber-attack early in October which took a number of services offline and there is speculation that the incident was a ransomware attack.

The International Maritime Organisation (IMO) is responsible for the regulation, safety and security of global shipping. It  has now revealedhat its website was “undergoing some technical issues.” It admitted a day later that these had actually been caused by malicious actors.

In an announcement, the IMO said its Global Integrated Shipping Information Systems (GISIS) database, document repository IMODOCS, and its Virtual Publications service had been affected by the attack but were now restored.  The organisation’s email and virtual meeting platforms were unaffected.

The IMO said restoration of the other unnamed services affected by the attack would take place “as soon as possible and as safe as possible....The interruption of web-based services was caused by a sophisticated cyber-attack against the organization’s IT systems that overcame robust security measures in place. IMO has ISO/IEC 27001:2013 certification for its information security management system. IMO was the first UN organisation to get this certification in 2015,” the IMO explained.

The IMO headquarters file servers are located in the UK, with extensive backup systems in Geneva. The backup and restore system is regularly tested. Following the attack, the secretariat shut down key systems to prevent further damage from the attack.

The  French maritime shipping giant CMA CGM had a similar outage after a breach at its Chinese offices which knocked out some servers and applications.

IMO:     Infosecurity Magazine:      MyTechDecsions:  

You Might Also Read:

Cyber Security Deadline For Mariners:

 

« Protecting The Security Of Australian Universities
IBM Restructures To Concentrate On The Cloud »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Nixu

Nixu

Nixu is the largest Nordic specialist company in information security consulting.

Silent Breach

Silent Breach

Silent Breach specializes in network security and digital asset protection. Services include Pentesting, Security Assessments, Incident Detection & Response, Governance Risk & Compliance.

Robert Half Technology

Robert Half Technology

Robert Half Technology offers a full spectrum of technology staffing solutions to meet contract and full-time IT recruitment needs.

Netresec

Netresec

Netresec is an independent software vendor with focus on the network security field. We specialize in software for network forensics and analysis of network traffic.

Rhebo

Rhebo

Rhebo Industrial Protector monitors and ensures the continuous, correct, and predictable operation of real-time Industrial Control Systems to prevent outages and reduce downtimes.

Veracity Industrial Networks

Veracity Industrial Networks

Veracity provides an innovative industrial network platform that improves the reliability, efficiency, and security of industrial networks and devices.

Ergo

Ergo

Ergo is a world-class IT Partner of choice, leveraging the latest technology available in cloud, mobility, big data, analytics, and social media.

Swedish Incubators & Science Parks (SISP)

Swedish Incubators & Science Parks (SISP)

Swedish Incubators & Science Parks (SISP) is the Swedish industry association for Swedish incubators and science parks.

IoTeX

IoTeX

Building the connected world. IoTeX is a fast, secure, and decentralized platform that connects real world devices/data to the blockchain.

SecAlliance

SecAlliance

SecAlliance is a cyber threat intelligence product and services company.

Aleo

Aleo

Aleo is building the world's leading developer platform for enabling absolute privacy on blockchains.

Tailscale

Tailscale

Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly.

PagerDuty

PagerDuty

PagerDuty is the central nervous system for a company’s digital operations. We identify issues in real-time and bring together the right people to respond to problems faster.

CFTS

CFTS

CFTS 'Computer Facilities Technical Services' is a Ugandan ICT Support Company that specialises in infrastructure and support services including network security.

EtherAuthority

EtherAuthority

EtherAuthority's engineering team has been helping blockchain businesses to secure their smart contract based assets since 2018.

CelcomDigi

CelcomDigi

CelcomDigi aspire to be Malaysia’s top Telco-Tech company, transforming beyond core connectivity to lead digitalization and innovation as part of nation-building.