CMA CGM confirms malware attack

Container vessel CMA CGM Rossini. Credit: HASENPUSCH. DIETMAR

French container shipping company CMA CGM is currently dealing with a cyber security attack impacting its peripheral servers.

The company identified a security breach on the morning of 28 September and posted on Twitter that external access to its IT applications was unavailable. CMA CGM shut down the external access to its network to stop the malicious software or malware from spreading further into its systems.

CMA CGM said in a press release that its cyber security teams are “fully mobilised and actively working to restore access to its network”.

The CMA CGM network remains available to the Group’s customers for all booking and operation requests. Internal and independent experts will conduct a full investigation into the security breach.

This is the second reported cyber-attack on a container shipping company this year. MSC Mediterranean experienced a network outage on 10 April at its headquarters in Geneva. An investigation found that it was the result of a malware attack and affected a limited number of the company’s computer systems.

According to IHS Markit’s 2020 Maritime Cyber Security survey, malware attacks were the third most common type of cyber-attack in the last 12 months, at 33%. Meanwhile, phishing (the fraudulent attempt to gather sensitive information such as passwords through email) was identified as the main type of cyber-attack experienced in the maritime industry at 68%. This was followed by spear phishing (the targeted form of phishing emails) at 41%.

SAS has contacted CMA CGM for comment.