The largest transport company with thousands of employees and cybersecurity teams is infected with ransomware

CMA CGM, the great French shipping company, has revealed that it was the victim of a recent ransomware attack that compromised its peripheral servers: “We interrupted malicious activity as soon as unauthorized access was detected, preventing the spread of malware,” the company’s message mentions.

The company’s computer security teams began working on restoring systems soon after, so CMA CGM’s computing resources gradually return to regular operation. Only the website seems to continue to give problems to the company, as visitors encounter a “504-Gateway Timeout” error.

The company has already announced that they will begin an investigation in collaboration with external specialists to determine the possible causes of the incident.

Subsequent reports indicate that the ransomware variant used in this attack is Ragnar Locker, whose operators gave the French company a two-day window to contact them via a dark web chat. The company has already confirmed the incident, although it has not added additional details such as the ransom amount demanded by the attackers.

This is the most recent cybersecurity incident a shipping company has ever experienced. A few months ago, MSC Mediterranean Shipping Company revealed one that was the victim of a cyberattack that caused a serious disruption at its headquarters in Switzerland.

This wave of incidents dates back to 2017 when Maersk, probably the industry’s largest company suffered an infection of the dangerous Variant of NotPetya ransomware, resulting in massive system failure and outages that lasted for weeks, representing a loss of about $300 million in the recovery process.