CMA CGM hit by cyber attack, but says it’s business as usual

French container shipping line CMA CGM has confirmed it is the latest victim of a cyber attack, after its website and some those of its subsidiaries went down over the weekend.

However, the group’s corporate website, cmacgm-group.com, was working and carried a message on its homepage.

It said: “The CMA CGM group (excluding Ceva Logistics) is currently dealing with a cyber-attack impacting peripheral servers.

“As soon as the security breach was detected, external access to applications was interrupted to prevent the malware from spreading. Our teams are fully mobilised and access to our information systems is gradually resuming.

“The CMA CGM network remains available to the group’s customers for all booking and operation requests.”

At time of writing, the websites and e-commerce operations of CMA CGM’s intra-European subsidiary, Containerships, Latin American subsidiary Mercosul and freight forwarding arm Ceva Logistics were continuing to function.

Rumours have been circulating the industry that the company had been subject to a DDoS (distributed denial of service) attack. Cyber attacks on the maritime and logistics industry have been on the rise since Maersk became the first high-profile victim in 2017, when it was effectively collateral damage in the NotPetya cyber attack on the Ukrainian government.

Maersk said the attack, which also ensnared FedEx-owned TNT Express, ultimately cost it $300m.

The frequency of cyberattacks on the shipping and logistics industry appears to be on the rise this year. Just last week, Gefco claimed it was the subject of a cyber attack designed “to disrupt our business”, and Australian logistics group Toll has been hit twice by hackers this year.

2M container carrier MSC had to suspend its e-commerce operations for five days in April when its online booking system and other functions went down, although the Geneva-headquartered carrier never officially admitted it was the victim of a cyber attack.