Container line CMA CGM has moved to reassure customers and stakeholders that digital communications with the company are “secure” following its confirmation on Monday that its IT systems had suffered a cyber-attack, though it has since confirmed that a data breach may have occurred.
In an update statement on Tuesday evening, the container carrier said that “All communications to and from the CMA CGM Group are secure, including emails, transmitted files and electronic data interfaces (EDI).”
“Maritime and port operations are functioning as per usual. The booking functionalities remain up and running.”
While communications may be back in place, the shipping line did admit on Wednesday afternoon that the incident may have led to a data breach, the potential volume and nature of which it is currently assessing.
CMA CGM is now in the process of restoring all of its information systems and began gradually reconnecting back-office functions in its Shared Services Centers to its network on Wednesday, to facilitate the processing of bookings and documentation.
The company has offered few details on the nature of the malware incident, though the Group is reported to have been infected with a data encryption malware called Ragnar Locker, which demands payment be made for a decryption key to regain access to corporate systems.
An initial statement on Monday had confirmed that CMA CGM was dealing with an attack impacting “peripheral servers”, with the company shutting down external access to applications as soon as the breach was detected to prevent the malware from spreading.
An investigation was immediately launched, “conducted by our internal experts and by independent experts,” the company said. CMA CGM has since confirmed that the malware was “rapidly isolated and all necessary protection measures implemented.”
The carrier notes that it has made alternative ordering systems available to support business continuity for CMA CGM Group customers that are currently unable to access its e-business site following the shutdown.