CMA CGM S.A., a French maritime transport and logistics giant, revealed that a malware attack affected some servers on its network.
The company is present in over 160 countries through 755 offices and 750 warehouses with 110,000 employees and 489 vessels. CMA CGM serves 420 of the world’s 521 commercial ports and operates on more than 200 shipping lines.
In response to the attack, the IT staff at the CMA CGM isolated some applications for the Internet to avoid the malware from spreading to other systems.
“The CMA CGM Group (excluding CEVA Logistics) is currently dealing with a cyber-attack impacting peripheral servers.” reads the security notice published by the company. “As soon as the security breach was detected, external access to applications was interrupted to prevent the malware from spreading.”
According to a report published by Lloyd’s List, the company’s Chinese offices were allegedly infected with the Ragnar Locker ransomware.
The Ragnar Locker appeared in the threat landscape at the end of the 2019 when it was employed in attacks against corporate networks.
One of the victims of the ransomware is the energy giant Energias de Portugal (EDP), where the attackers claimed to have stolen 10 TB of files.
“The French carrier was asked by hackers using the Ragnar Locker ransomware to contact them within two days ‘via live chat and pay for the special decryption key’. No ransom price has been named yet” reads the report.
At the time of writing, the external access to CMA CGM IT applications is currently unavailable. Customers have to contact their local agencies for all bookings.
The company is investigating the incident with the help of independent experts.
“An investigation is underway, conducted by our internal experts and by independent experts,” continues the notice. “A new communication will be issued at the end of the day.”
(SecurityAffairs – hacking, ransomware)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.