The maritime industry has once again come under attack from cybercriminals with shipping giant CMA CGM Group announcing that it was the target of the latest intrusion to its systems. According to a statement from the company, external access to its IT applications was suspended this morning as it sought to address a cyber-attack impacting peripheral servers.
According to reports, the attack began on the shipping line’s servers in Asia. The company later posted on Twitter, “As soon as the security breach was detected, external access to applications was interrupted to prevent the malware from spreading.” They said that the CMA CGM Group, excluding CEVA Logistics, was dealing with a cyber-attack. Customers were being told to contact their local agency for assistance with bookings.
CMA CGM later provided a brief update saying, “Our teams are fully mobilized and access to our information systems is gradually resuming.” Their corporate website also remained operational and was posting updates.
Ransomware and other forms of cyberattacks have been on the rise in 2020 with the maritime industry being one of the latest targets for hackers. Cybersecurity consultancy Naval Dome reported a 400 percent increase in attempted hacks against the maritime industry between February and June 2020. They reported that the primary cause was an increase in malware, ransomware, and phishing emails attempting to exploit the COVID-19 pandemic. They forecast that there would be more than 500 major cybersecurity breaches, with substantially more going unreported, during 2020.
The cyber-attacks have cut across all sectors of the maritime industry in the past few years. In August, Carnival Corporation reported that for the second time in two years that they had detected a ransomware attack that accessed and encrypted a portion of its information technology systems. Earlier in 2020, both Vard and MSC reported attacks against portions of their systems.
Ports have also found themselves the target of attacks. In 2018, the Port of San Diego reported that it had been attached and even the US Coast Guard at the end of 2019 warned the maritime community to harden defenses against phishing and cyberattacks after a new outbreak of encryption ransomware attack at an unnamed Maritime Transportation Security Act (MTSA)-regulated facility.
The large shipping company with their vast networks have been targets for the cybercriminals for the past few years. In 2017, Maersk’s container booking and terminal operations were affected by a widespread ransomware attack. It also was forced to shut down multiple systems to prevent the “Petya” malware from spreading. Similarly, in 2018, Chinese shipping conglomerate Cosco reported that its American shoreside operations have been hit by a ransomware cyber-attack.