The cyber attack was launched using Ragnar Locker, a data encryption malware that has affected companies elsewhere. It is similar to an incident involving Portuguese energy firm EDP Renewables earlier this year.
In an email sent on Sunday and seen by Lloyd’s List (below), the hacker requested the French carrier to contact it within two days “via live chat and pay for the special decryption key”.
The exact price was not disclosed.
In a customer notice, CMA CGM said the websites of the company and its two subsidiaries — ANL and CNC — had become unavailable alongside its IT applications “due to an internal IT infrastructure issue”.
Staff in Europe have been told not to use any company IT equipment, according to sources.
Sophos Principal Research Scientist Chester Wisniewski said the situation painted a picture of those who are most vulnerable.
“Hospitals, schools and municipal governments may dominate the headlines, but international manufacturers and service companies seem to be victims more often than industries with traditional strong IT security functions like finance, defence, and technology firms.”
He said that CMA CGM is the fourth major shipping firm to be hit with ransomware after Maersk, Cosco and Mediterranean Shipping. Having far flung operations around the world makes securing these types of firms extremely difficult, yet no less important than other industries.
“ T security needs to be at the forefront for all industries, not just those who are of national security concern”, he said.