CMA CGM has spent the past 24 hours trying to reassure clients that operations are carrying on and the worst effects from its ransomware attack over the past three days are over.
The French carrier became the latest big name in container shipping to reveal it had been hacked on Monday, following other leading liners including Maersk, MSC and Cosco in recent years.
From its Marseille headquarters the company issued a statement to Splash at 7pm yesterday evening stating that the malware was rapidly isolated and all necessary protection measures implemented.
All communications to and from the group are secure, including emails, transmitted files and electronic data interfaces (EDI), the company claimed, adding: “Maritime and port operations are functioning as per usual. The booking functionalities remain up and running. Alternative solutions to the e-business site are available in order to support business continuity for CMA CGM Group’s customers.”
With carriers being the victims of tailored IT attacks of late, Itai Sela, CEO and president of Israeli maritime cyber security firm Naval Dome, told Splash today: “It is imperative that they ensure their IT systems are not on the same networks as their ships OT systems. If there is no segregation or protection and OT systems are hacked then world trade could be further disrupted.”
To defend against big game ransomware gangs you must have humans actively threat hunting
Chester Wisniewski, principal research scientist at British IT firm Sophos, commented: “Controlling, updating, and securing computers is a challenge for any global company, but especially so for shipping and logistics. Security costs increase dramatically when attempting to create uniformity across such diverse environments.”
Wisniewski added: “Many companies look at the dollars being spent on security and think it is a solved problem. To effectively defend against big game ransomware gangs you must have humans actively threat hunting and manning your side of the chess board.”
CMA CGM is not the only high profile name in intentional shipping to suffer an IT outage this week. The website of the International Maritime Organization (IMO) is down today, there UN body citing “technical issues” in an update on social media.