CMA CGM suspects a malware attack may have caused a data breach. The company is investigating the scale, nature, and potential theft of data from the attack as it steadily re-establishes back office connections to its network.
The company identified a security breach on 28 September and posted on Twitter that external access to its IT applications was unavailable. CMA CGM shut down the external access to its network as a precaution to stop the malicious software from spreading further into its systems.
The back offices, or shared service centres, are gradually being reconnected to the network as the malware was isolated rapidly, and all the necessary protection measures were implemented. A company representative said the groups’ technical teams were fully mobilised and continued to restore its information systems following the disruption.
An investigation into the incident by the company’s technical team, alongside independent experts, is still ongoing.
This is the fourth cyber attack targeting the maritime industry in 2020. Transportation and logistics company Toll Group was attacked on 31 January and 12 May. The company had to shut down several systems across multiple business units, causing delays and disruptions to the business. The hackers subsequently published stolen Toll Group data on the dark web. Mediterranean Shipping Co. also underwent a malware attack at its Geneva headquarters on 10 April. An investigation into the incident found that no data was stolen, and the attack only affected a limited number of physical computer systems.
The latest security breach at CMA CGM points to a rise in cyber attacks during COVID-19. According to a June 2020 report published by cyber security company Naval Dome, there was a 400% increase in attempted hacks between February and May. The report also found increases in the use of malware, ransomware, and phishing emails.