Skip to content
Search AI Powered

Latest Stories

Press releases are provided by companies as is and have not been edited or checked for accuracy. Any queries should be directed to the company issuing the release.

Resilience360 Quantifies Impact of Ocean Carrier Cyberattacks

Recent cyber-attacks on ocean carriers have proven quite disruptive.

Recent cyber-attacks on ocean carriers have proven quite disruptive. Denmark’s Maersk Line incurred estimated damages of USD 300 million (EUR 253.81 million) due to the global ransomware attack it suffered in 2017. The latest attack on CMA CGM means that all the Big 4 shipping lines, including MSC and COSCO, have suffered recent disruptive cyber events. On October 1, the International Maritime Organization (IMO) also announced a cyber-attack against its IT systems, leading to disruptions in its public website and internal systems.

“Companies shipping by sea should remain vigilant of cyber intrusions that target shipping lines,” said Daniel Boccio, Supply Chain Risk Analyst, Resilience360. “Supply chain managers and IT professionals should collaborate on identifying the potential vulnerabilities and threats to their supply chains and should implement measures to increase resiliency and minimize the impact of such threats.”


On September 28, French container transportation and shipping company CMA CGM announced that it fell victim to a cyber-attack on its peripheral servers. The company has over 480 vessels, operating 200 shipping routes between 420 ports in 150 different countries. The attack led to limited IT availability across the group, sans CEVA Logistics, due to the company halting external access to applications to prevent the spread of the malware. The company later announced that it also suspects a data breach and the nature and the volume of the affected information.

Based on an assessment of the attack on the company’s China offices, preliminary assessments conclude that the attack is the work of the Ragnar Locker ransomware. In operation since December 2019, this ransomware acts in a typical manner of the Cyber Kill Chain, performing reconnaissance and exfiltrating sensitive information to be returned in exchange for ransom payment. The ransomware can be identified with an MD5 hash of 6171000983CF3896D167E0D8AA9B94BA, which serves as the primary indicator of compromise (IoC) for the threat. It is delivered as an unsigned MSI package and is known to attack Windows systems via VirtualBox.

The ransomware’s peripheral device discovery feature allows it to spread rapidly to removable and mapped network drives, explaining CMA CGM’s decision to temporarily disable external features. Notably, the ransomware has a unicode string comparison function that, when activated, prevents the ransomware from executing on computers using languages from the former Soviet Union, such as Belorussian, Azerbaijani, Ukrainian, Moldovan, Georgia, Armenian, Turkmen, Russian, Kyrgyz, Kazakh, Uzbek, and Tajik. Ragnar Locker was last seen attacking the EDP energy company in April 2020.

Given the ransomware’s peripheral device discovery feature, the company suspended its booking system to protect its customers. The suspension disrupted operations as employees lost access to internal e-mails and applications necessary to perform daily operations, with limited options for customer communications by phone. The company suspended access to electronic bookings through its websites and announced that all cargo booked before September 27 was secure; however, later bookings were yet to be processed. The company also requested customers to either call local offices or make bookings through an external booking system.

Company services at Chinese offices in Shanghai, Guangzhou, and Shenzhen were reportedly disrupted, with container terminal managers stating that cargo loading operations were likely to be affected, but ultimately were not. Fortunately, sources at Hong Kong Port stated that CMA CGM maintained normal operations at both the container terminal and on its vessels. On September 30, the company announced that operations were gradually returning to normal, with improvements to bookings and documentation processing times as back-offices reconnect to the network. Moreover, the company assured customers that maritime and port activities are fully operational, with alternative and temporary processes available for bookings.

Ragnar Locker not only targets entities of considerable logistics and industrial importance, such as EDP and CMA CGM, but also exploits VirtualBox. This is indicative of a greater threat posed to companies employing virtualization, and to an extent, remote services. Such a threat is even more notable with the considerable quantity of remote workers this year due to the COVID-19 pandemic.

While technological recovery is quick, residual business disruptions are likely, especially regarding time-sensitive shipments.

https://www.resilience360.dhl.com/news/ransomware-attack-on-french-carrier-cma-cgm-disrupts-shipping-operations/

https://www.resilience360.dhl.com/news/ransomware-attack-on-french-carrier-cma-cgm-disrupts-shipping-operations/

The Latest

More Stories

​OPEX® Sure Sort® X with Xtract™ Warehouse Automation System Is Named a Finalist in the New Equipment Digest NED Innovation Awards

MOORESTOWN, NJ (December 18, 2024) OPEX® Corporation, a global leader in Next Generation Automation providing solutions for document, mail, and warehouse automation, has been selected as a finalist in the 2024 NED (New Equipment Digest) Innovation Awards, which celebrates innovations in industrial technology, tools, and equipment that empower businesses to work faster, better, and more cost-effectively.

OPEX Sure Sort® X with Xtract™, a high-speed automated sortation and order retrieval system, was recognized in the NED Innovation Awards Automation category.

Keep ReadingShow less

Featured

Hy-Tek Intralogistics releases Top Trends for 2025

Columbus, OH – December 18, 2024 – Hy-Tek Intralogistics, a premier provider of software, systems and services for supply chain automation technology, has released an episode of its popular podcast Automation Insider that looks at warehousing trends for 2025.

Automation Insider is a podcast created for people interested in what is new and what is successful in logistics and automation technology across a wide range of industries.

Keep ReadingShow less
Averitt Promotes David Fussell to Vice President of Dedicated Sales

Averitt Promotes David Fussell to Vice President of Dedicated Sales

COOKEVILLE, Tenn. — Averitt has promoted David Fussell to vice president of dedicated sales, following the retirement of Walt Gray.

Fussell joined Averitt in 1991 and has held several key positions throughout his career. He served as a transportation sales specialist in Decatur and Nashville, later becoming service center director in Little Rock. In 2018, he transitioned to director of dedicated sales, working closely with Gray to expand the company’s dedicated accounts and deliver customized solutions to customers.

Keep ReadingShow less

Schneider is first major carrier to achieve six million zero emission miles with the Freightliner eCascadia

GREEN BAY, Wis.-- Schneider National, Inc. (NYSE: SNDR), a premier multimodal provider of transportation, intermodal and logistics services, is marking another significant milestone as its battery electric vehicle (BEV) fleet has surpassed six million zero emission miles, highlighting its commitment to reducing carbon emissions and advancing cleaner transportation.

“Reaching six million zero emission miles is a testament to our steadfast dedication to sustainability and innovation,” said Schneider President and CEO Mark Rourke. “Leading the way in adopting electric vehicle technology not only benefits the environment but also serves as an example of the broad service capabilities and flexibility we can offer to customers.”

Keep ReadingShow less
Roboteon announces breakthrough simulation capability for mobile robots in distribution

Roboteon’s Warehouse Robotics Fulfillment platform

Photo courtesy of Roboteon

Roboteon announces breakthrough simulation capability for mobile robots in distribution


Roboteon, provider of a powerful software platform for warehouse robot enablement, announces breakthrough simulation capabilities in its platform for robotics and other warehouse automation. The new tool help companies make better decisions across multiple time horizons, from initial automation planning through real time execution on the floor.

Interest in Autonomous Mobile Robots (AMRs) and other robotics is high, but there remains much uncertainty about use cases, the number of AMRs and humans needed across different time horizons, expected operational improvements, and cost savings from the robotics investment.

Keep ReadingShow less