French shipping giant CMA CGM S.A. has been struck by a ransomware attack that bought down some of its services.

The attack is believed to have involved Ragnar Locker ransomware and first struck the company’s offices in China over the weekend. How far it then spread across CMA CGM’s network is not clear, but the company’s main website was knocked offline for some time.

As of the time of writing, the website was partially up with a security notice that reads, “We have decided to temporarily suspend all access to our e-commerce sites to protect our customers,” along with a statement that all communications were secure and that maritime and port operations are functioning as normal.

In a statement Monday, CMA CGM describes a cyberattack “impacting peripheral servers” with access to applications interrupted to “prevent the malware from spreading.”

The link to Ragnar Locker was first reported by Lloyd’s List, which also noted that it was the same form of ransomware that targeted EDP Renewables North America LLC in April. The report also said that staff in Europe have been told not to use any company tech equipment.

Lloyds also posted an image of what appears to be a Ragnor Locker ransom demand. Of note, the image shows that the attack was not random but specifically targeted at CMA CGM.

CMA CGM is said to be the fourth major shipping company to have suffered a cyber attack after Cosco Shipping, Maersk Line and the Mediterranean Shipping Company.

“While we are all vulnerable to attack, the attack on French Shipping giant CMA CGM continues to paint a picture of who is most vulnerable,”  Chester Wisniewski, principal research scientist at Sophos Group plc, told SiliconANGLE. “While hospitals, schools and municipal governments dominate the headlines, international manufacturers and service companies seem to be victims more often than those in industries with traditionally strong IT security, like finance, defense and technology.”

Photo: Bahnfrend/Wikipedia Commons/ Lloyd’s List