Cyber-attack victim CMA CGM struggling to restore bookings, say customers
As CMA CGM’s IT engineers continue, for the fifth day, to try to restore its systems following a cyber-attack at the weekend, the French carrier has come under mounting criticism from customers that its back-up booking process is inadequate.
Yesterday, the carrier said its “back-offices [shared services centres] are gradually being reconnected to the network, thus improving bookings and documentation processing times”. And it reiterated that bookings could still be made through the INTTRA portal, as well as manually via an Excel form attached to an email. However, Australian forwarder and shipper representatives, the Freight & Trade Alliance (FTA) and Australian Peak Shippers Association (APSA), described the measures as “failing to adequately provide contingency services”. John Park, head of business operations at FTA/APSA, said its members ought to be due compensation from the carrier and its subsidiary, Australia National Line, which operates some 14 services to Australia, according to the eeSea liner database.
“FTA/APSA has reached out again to senior CMA CGM management to seek advice as to when we can expect full service to be re-instated, implementation of workable contingency arrangements and acceptance that extra costs incurred, as a result of the systems outages, will be reimbursed by CMA CGM,” he noted. He said feedback from FTA/APSA members highlighted continuing issues, including “in many cases customer service [and/or] sales representatives are not responding to phone calls”; members’ calls to CMA CGM’s national 1800 number goes to a recorded message saying ‘message bank is full, please call again later’; and that “email communication to the generic email supplied seeking information/electronic delivery orders (EDOs) etc, is slow”.
Given CMA CGM’s ownership of ANL and its importance in the country’s container trades, the IT outage has heaped more misery on shippers and forwarders trying to clear a substantial cargo backlog created by the recent industrial action in Sydney’s container terminals, he said. “We have seen temporary resolution of stevedore/MUA issues, however we now face the inability to move containers due to the slow release of EDOs/invoices,” Mr Park added. Many in the industry have been quick to compare CMA CGM’s response to cyber-attack with that of Maersk’s to the 2017 NotPetya cyber-attack. One UK forwarder told The Loadstar this week: “When this happened at Maersk, although they limited the bookings they took, they didn’t stop taking them and, quickly came up with a manual process, using Google Docs, to have some kind of continuity. From memory, it took Maersk months to get back to normal.”
Today on LinkedIn, liner shipping analyst Lars Jensen notes that the full extent of the attack is still unknown, outside CMA CGM’s IT security team at least, but “given the fact that we are now on day five, it would be safe to conclude that, in terms of overall impact, we are looking at something similar”. Meanwhile, the International Maritime Organization (IMO) confirmed today it was the victim of “a sophisticated cyber-attack against the organisation’s IT systems that overcame robust security measures in place”, and which affected its public website and other web-based services. It added: “The secretariat is working with UN International Computing Centre and security experts to restore systems as soon as possible, to identify the source of the attack and further enhance security systems to prevent recurrence.
“Since yesterday, service has been restored to the GISIS database, IMODOCS and Virtual Publications. For security reasons, these systems were not available for a few hours early this morning, but are now back up and running.”