A number of IMO’s web-based services became unavailable on Wednesday 30 September. The systems impacted included the IMO public website and other web-based services. IMO’s internal and external email systems continued to function.
The KUDO platform (used for virtual meeting sessions with simultaneous interpretation) has been unaffected and continued to function, without issue, during Wednesday’s Facilitation Committee (FAL) session and is continuing during today’s final FAL session.
The interruption of web-based services was caused by a sophisticated cyber-attack against the Organization’s IT systems that overcame robust security measures in place.
IMO has ISO/IEC 27001:2013 certification for its information security management system. IMO was the first UN organization to get this certification in 2015.
The IMO Headquarters file servers are located in the UK, with extensive backup systems in Geneva. The backup and restore system is regularly tested.
Following the attack the Secretariat shut down key systems to prevent further damage from the attack.
The Secretariat is working with UN International Computing Centre (UN ICC) and security experts to restore systems as soon as possible, to identify the source of the attack, and further enhance security systems to prevent recurrence.
Since yesterday (01/10/2020), service has been restored to the GISIS database; IMODOCS; and Virtual Publications. For security reasons, these systems were not available for a few hours early this morning but they are now back up and running.
Service will be restored to other web-based services as soon as possible and as safe as possible.
The Secretariat takes its responsibilities for cyber risk management and information security management extremely seriously and has acted immediately to address the cyber attack and to implement measures to ensure the risk of recurrence is minimised.