The International Maritime Organization (IMO) has confirmed its IT systems have been compromised, although there has been no evidence provided to indicate the service interruption is related to this week’s ransomware attack on CMA CGM.
“The interruption of service was caused by a cyberattack against our IT systems,” the IMO tweeted Thursday, adding that it was working with United Nations “IT and security experts to restore systems as soon as possible, identify the source of the attack and further enhance security systems to prevent recurrence.”
The IMO said Friday that service had been restored to the GISIS database, IMODOCS and virtual publications. “Service will be restored to other web-based services as soon as possible and as safe as possible,” it said.
“The secretariat takes its responsibilities for cyber-risk management and information-security management extremely seriously and has acted immediately to address the cyberattack and to implement measures to ensure the risk of recurrence is minimized,” the IMO said.
Shipping analyst Lars Jensen wrote on LinkedIn on Thursday that “most likely” there is no connection between the IMO cyberattack and Monday’s CMA CGM takedown.
“Overall, cyberattacks have been on the increase for years across all industries globally and maritime is no different,” Jensen said.
Meanwhile, CMA CGM said it now is combating a suspected data breach. The French shipping giant announced Monday that it had been the victim of malware.
“We suspect a data breach and are doing everything possible to assess its potential volume and nature,” CMA CGM said in an update on its website.
CMA CGM said its technical teams were working with independent experts as the investigation into this week’s ransomware attack continued.
It said Wednesday that the back offices were “gradually being reconnected to the network, thus improving the bookings’ and documentations’ processing times.”