Danish shipping giant A.P. Moller-Maersk, one of the global companies hardest hit by a malicious software that froze computers around the globe, said Thursday that most of its terminals are now operational, though some remain crippled.
The Copenhagen-based company said that some terminals are "operating slower than usual or with limited functionality." Problems have been reported across the shippers' global business, from Mobile, Alabama, to Mumbai in India.
The shipping company is one of a number of major corporations and government agencies—from logistics firm FedEx to Ukraine's banking system—to have been hit by the software epidemic.
Maersk, as the shipper is known, says it's able to accept bookings again via the INNTRA booking platform but that its logistics division, Damco, "has limited access to certain systems."
Maersk says it can't be specific about how many sites were affected or when business will get to normal. It also said it had deliberately shut down "a number of IT systems" which also had an impact on email systems.
As companies and governments gauged the cost of the attack, experts were trying to shed light on who launched it and why.
The attack has the telltale signs of ransomware, which scrambles a computer's data until a payment is made. But some analysts believe this attack was less aimed at gathering money than at sending a message to Ukraine, where it seems to have originated, and its allies.
That hunch was buttressed by the way the malware appears to have been seeded using a rogue update to a piece of Ukrainian accounting software—suggesting an attacker focused on Ukrainian targets.
And it comes on the anniversary of the assassination of a senior Ukrainian military intelligence officer and a day before a national holiday celebrating a new constitution signed after the breakup of the Soviet Union.
Explore further: Cyberattack blocks Maersk terminals, new orders