CMA-CGM victims of Ragnar Locker’s piracy

The news was posted on the group’s Twitter thread this Monday morning, September 28: “External access to CMA CGM’s IT applications is currently not available. The IT teams are working to resolve the incident to ensure business continuity. “According to our colleagues at Splash, the airline had already started alerting its customers in Australia and their email would be operational. There was no telephony in France this morning. The front desk said it was impossible to forward calls.

Continuation of the article below

According to Chichen Shen of Lloyd’s List, “at least several offices in China are affected by what is referred to as an” internal IT infrastructure problem. “Our sources confirm the impact on the group’s local IT environment, but currently cannot provide any indication of the situation of IT infrastructures in France.

CMA CGM did not provide any further details on the nature of the incident affecting him. However, according to our colleague Chichen Shen, it is a ransomware attack, specifically Ragnar Locker.

The operators of this ransomware are not among the most talked about this year. So far, only 7 cyberattacks are known that have led to the detonation of this malicious software worldwide since the beginning of the year.

Notable among the known victims of this ransomware is Carlson WagonLit Travel, which was hit in late July. The latter appears to have paid the cyber thugs a ransom of $ 4.5 million, according to the details of a negotiation that several observers may be following.

To date, there have been more than 240 ransomware cyberattacks known worldwide since the beginning of September, up from 121 in August. We have updated the timeline for French victims below.