Market Watch is reporting French Container Operator CMA CGM Hit by a cyberattack with unknown hackers leaking part of its customer information.
French liner CMA CGM S,A. said Monday that it suffered a cyberattack with unknown hackers leaking part of its customer information.
The world’s third biggest boxship operator said the “limited customer information” leak includes their names, positions, emails and phone numbers.
“The IT team has immediately developed and installed security patches, and surveillance of all our application programming interfaces has been strengthened,” the company said.
The hackers said in an email they obtained more than 499,000 customer records and that they would “lay out the entire” database in a week after CMA CGM refused to pay ransom.
This isn’t trivia. Especially since they were pwned by hackers at this time last year. Saumitra Das, CTO and Cofounder, Blue Hexagon had this to say:
This is a classic example of double extortion where the hackers have leverage even if CMA CGM has a good backup and DR strategy laid out. Today’s ransomware landscape requires not just reducing the attacker’s downtime leverage but also reducing the risk of exfiltration or disruption. Most attacks use vulnerabilities that have been known for months or in many cases just live off the land without requiring a major vulnerability so an IT team developing patches at this late stage seems unusual. Most IT teams already know patches are needed but due to business pressure or lack of cycles from developers teams, these patches do not get deployed in time.
It’s clear that it’s a time for IT teams to shift their strategies in terms of fighting cyberattacks. Otherwise bad things will happen to them.
Related
This entry was posted on September 21, 2021 at 8:00 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
CMA CGM Pwned By Hackers
Market Watch is reporting French Container Operator CMA CGM Hit by a cyberattack with unknown hackers leaking part of its customer information.
French liner CMA CGM S,A. said Monday that it suffered a cyberattack with unknown hackers leaking part of its customer information.
The world’s third biggest boxship operator said the “limited customer information” leak includes their names, positions, emails and phone numbers.
“The IT team has immediately developed and installed security patches, and surveillance of all our application programming interfaces has been strengthened,” the company said.
The hackers said in an email they obtained more than 499,000 customer records and that they would “lay out the entire” database in a week after CMA CGM refused to pay ransom.
This isn’t trivia. Especially since they were pwned by hackers at this time last year. Saumitra Das, CTO and Cofounder, Blue Hexagon had this to say:
This is a classic example of double extortion where the hackers have leverage even if CMA CGM has a good backup and DR strategy laid out. Today’s ransomware landscape requires not just reducing the attacker’s downtime leverage but also reducing the risk of exfiltration or disruption. Most attacks use vulnerabilities that have been known for months or in many cases just live off the land without requiring a major vulnerability so an IT team developing patches at this late stage seems unusual. Most IT teams already know patches are needed but due to business pressure or lack of cycles from developers teams, these patches do not get deployed in time.
It’s clear that it’s a time for IT teams to shift their strategies in terms of fighting cyberattacks. Otherwise bad things will happen to them.
Share this:
Like this:
Related
This entry was posted on September 21, 2021 at 8:00 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.