Hackers who attacked using Ragnar Locker ransomware instruct CMA CGM to contact them within two days ‘via live chat and pay for the special decryption key’.
A number of the shipping group’s websites have been down on Monday. The attack is understood to be a ransomware attack.
CMA CGM initially denied it had been hit by a cyber attack. However, vice-president Joël Gentil later confirmed a serious security breach.
CMA CGM reports that as the security breach was detected, external access to applications was interrupted to prevent the malware from spreading, the company said. External access to the company’s IT applications was affected and customers were being asked to contact local booking agents for servicing needs.
CMA CGM is understood to have been hit by “Ragnar Locker” ransomware (see screenshot image above) which paralyzed much of its IT infrastructure.
Ragnar Locker is a ransomware that affects devices running Microsoft Windows operating systems. It was initially observed towards the end of December 2019 as part of a series of attacks against compromised networks.
CMA CGM was asked by the hackers behind the attack to contact them within two days ‘via live chat and pay for the special decryption key’. No ransom price has been named yet.
CMA CGM is the world’s fourth largest liner – the top three, Maersk, MSC and Cosco, have all suffered hacks in recent years.
#cma #cgm #ransomware #france #cyberattack #mindyourdata #yokdata #blog