CMA CGM raises cyber threat risk level
Conflict in Ukraine could lead to increased danger of cyber crime. There is an increased focus among digital security observers across a range of issues, including distributed denial of service attacks and ransomware attacks
French carrier has become the latest to suspend bookings to and from Russia. The line has also increased its alert levels and taken additional measures to secure its online systems
CMA CGM is taking additional measures to secure its IT infrastructure in the face of heightened risks of attack due to the conflict in Ukraine.
In a customer advisory, it said that had raised its alert levels and had taken “preventive measures to protect our IT systems” and its customers’ personal and corporate data.
The announcement came as CMA CGM finally joined the other major carriers in suspending bookings to and from Russia in the face of rising levels of sanctions. Of the top seven global carriers, only Cosco is yet to announce a suspension of Russia bookings.
“We continue to monitor the situation in Ukraine and the Black Sea region,” CMA CGM said. “Our utmost priorities remain to protect our employees and ensure as much as possible the continuity of your supply chain. In the interest of safety, the group has decided to suspend all bookings to and from Russia as of today and until further notice.”
The threat of cyber attacks, including distributed denial of service attacks, known as DDoS attacks, on companies outside the direct conflict zone has increased in recent weeks, with Russia alleged to be using cyber attacks as retaliation against US and European sanctions.
But Gareth Gareth Corfield, security and legal correspondent for UK IT publication The Register said there had yet to be any noticeable uptick in attacks since the conflict began.
“If anything, it has been far quieter than most expected once the conventional Russian military forces invaded Ukraine,” Mr Corfield said.
“That said, cyber security companies have reported instances of malicious software being deployed by Russia and its proxy state Belarus against Ukrainian companies and organisations. Yet the all-out cyber war that most industry sources thought was inevitable simply has not started.”
He warned, however, that as Ukrainian resistance continued, the Russians could decide to unleash the cyber arsenal that commentators were expecting.
“For now, they have not even disabled mobile phone networks or internet connectivity,” he said. “That was an expected early step to prevent ordinary Ukrainians from filming and sharing proof of Russian atrocities.”
CMA CGM has suffered from two serious cyber attacks in the past two years.
In 2021, there was a data leak in which hackers threatened to expose almost 500,000 customer records. A year earlier, it closed most of its online systems for two weeks following a ransomware attack that also saw the theft of information.
Cyber attacks have often been linked back to Russia, with state-backed actors involved.
In 2020, the US charged six Russian military intelligence officers in connection with masterminding cyber attacks, including developing NotPetya malware, which cost Maersk millions of dollars in 2017.
Those charged were all officers in the Russian Main Intelligence Directorate, known as GRU, a military intelligence agency.
They are alleged to have engaged in computer attacks intended to support Russian state efforts to interfere in foreign countries.
Shipping remains at particular risk to cyber threats. A survey released this week by Lloyd’s List found that one fifth of respondents had experienced a cyber attack in the past three years, with phishing and ransomware being the most common forms of attack.Vespucci Maritime chief executive Lars Jensen recently put the high risks of cyber attacks on critical infrastructure from the Russia-Ukraine conflict near the top of external shocks that could affect containerised supply chains over the coming year.