Skip to main content
close search
site logo
Dive Brief

CMA CGM reboots e-commerce site following cyberattack

Published Oct. 12, 2020
Matt Leonard's headshot
Reporter
CMA CGM

Dive Brief:

  • The CMA CGM e-commerce sites are operational again after a cyberattack caused them to go offline for nearly two weeks, the carrier announced Sunday.
  • The company said all main functionalities are operational: bookings, tracking, route finder, Myprices and invoices. The homepage shows an option to get a shipping schedule or track a shipment. It had provided instruction for alternative booking methods in the days following the attack.
  • This attack, along with attacks on other ocean carriers, highlights the importance of cybersecurity, Lars Jensen, the head of consulting at Sea-Intelligence, said in a LinkedIn post. "No matter how good your defenses are, there is still a risk. It is imperative to have a solid contingency plan keeping you running potentially for weeks."

Dive Insight:

The reinstatement of the e-commerce site came just two days after the company's request for a 60-day filing exemption was posted by the Federal Maritime Commission.

The cyberattack resulted in an inability to publish tariff rates and rules, and slowed its service contract filing, the carrier said when asking the agency for the ability to retroactively apply service contract rates to shipments it receives for 60 days following Sept. 27.

"CMA CGM and ANL use a third-party publisher that is not impacted by the attack, but CMA CGM and ANL are unable to access quotes that have been given to customers in order to convert them into tariff line items for customers ready to book using those quotes," CMA CGM said in its letter to the FMC.

American President Lines, a CMA CGM subsidiary, has been unable to update its self-published tariff, rates or rules, it said.

On Sept. 30, CMA CGM said the cyberattack, which occurred two days earlier, resulted in a suspected data breach. The carrier told shippers to book through the INTTRA portal or go through the manual booking process while its systems were down.

The carrier said it was a malware attack, and some media reports said ransomware known as Ragnar Locker was responsible.

This attack is just one in a string of cyber-incidents to highlight the vulnerability of the ocean-shipping ecosystem. Large cyberattacks on MSC earlier this year, COSCO in 2018 and Maersk in 2017 show that carriers are in the crosshairs of bad actors. And with information constantly flowing between companies, it means the shippers moving inventory with the ocean carriers are also at risk.

Subodha Kumar, a professor of marketing and supply chain management at Temple University's Fox School of Business, suggested that shippers ask carriers about their plans for such an attack.

The International Maritime Organization, the international shipping regulator of the United Nations, was also hit by a cyberattack earlier this month.

"Ships are obliged to update their safety management plans to incorporate cyber risk management by 2021," an IMO spokesperson said following the attack.

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
Assent Recognized as a Leader in Supply Chain Sustainability Software by Independent Research …
From Assent
November 07, 2024
Vector Global Logistics Wins U.S. Chamber of Commerce Foundation’s 25th Annual Citizen Award
From Vector Global Logistics
November 05, 2024
Aroma Retail Supports Exponential Ecommerce Growth with Descartes Parcel Shipping Solution
From Descartes Systems Group
November 04, 2024
AutoStore™ Strengthens Leadership Team with Keith White as Chief Commercial Officer
From AutoStore
November 04, 2024
Editors' picks
Latest in Maritime
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell