SHIPPING giant CMA CGM Group has confirmed that is currently dealing with a cyberattack impacting peripheral servers.

As reported in Daily Cargo News, the CMA CGM website, as well as the websites of some subsidiary businesses such as ANL, were out of action on Monday.

The attack excluded CEVA Logistics whose website has remained fully functional.


“As soon as the security breach was detected, external access to applications was interrupted to prevent the malware from spreading,” CMA CGM said in a statement.

“Our teams are fully mobilized and access to our information systems is gradually resuming.”

The CMA CGM network remains available to the group’s customers for booking and operation requests.

“An investigation is underway, conducted by our internal experts and by independent experts,” the company stated.

International maritime publication Lloyd’s List has reported that a hacker requested CMA CGM contact it within two days “via live chat and pay for the special decryption key”.

CMA CGM joins many other significant shipping and logistics players to have been targeted.

In June 2017 AP Moller-Maersk was subject to an attack using NotPetya malware.

MSC was targeted earlier this year, as was Toll Group which experienced two attacks in 2020 alone.

While big players may be able to endure some pain, Cyber Citadel’s Jonathan Sharrock said small companies could be devastated.

“Small sized companies may not be able to survive and recover from this type of attack,” Mr Sharrock told Daily Cargo News.

“The only real solution is to have effective backups, this will include, offline and encrypted backups.”

Principal research scientist for IT security company Sophos, Chester Wisniewski, said there was a trend towards attacks on international businesses.

“While we are all vulnerable to attack, the attack on CMA CGM, the French shipping giant, continues to paint a picture of who is most vulnerable,” Mr Wisniewski said.

“While hospitals, schools and municipal governments dominate the headlines, international manufacturers and service companies seem to be victims more often than industries with traditional strong IT security functions like finance, defense, and technology firms,” he said.

Mr Wisniewski noted CMA CGM was the fourth major shipping firm to be hit with ransomware after Maersk, Cosco and Mediterranean Shipping.

“Having far flung operations around the world makes securing these types of firms extremely difficult, yet no less important than other industries,” he said.

“IT security needs to be at the forefront for all industries, not just those who are of national security concern.”

Freight and Trade Alliance head of business operations John Park said there had been a number of attacks on shipping lines both prior and during the COVID-19 pandemic.

“This disruption has certainly come at an unfortunate time given the issues being faced by stevedores with protected industrial action being taken around Australian ports by the Maritime Union of Australia,” Mr Park said.

“That said a number of our FTA and Australian Peak Shippers Association members have advised they have received calls from the CMA CGM group and support has been first class providing alternate contact methods by email and / or mobile phones,” he said.

“FTA/ APSA acknowledge the prompt actions taken by the CMA-CGM group.”