CMA CGM – considerations on cyberattack 

All, 

Please find our unchanged analysis here. 

The cyberattack on CMA CGM’s shipping business (ie excluding Ceva) could cause significant disruption for the business in the short term. According to media reports, CMA CGM employees are being told not to use the company’s IT systems or devices. The group has confirmed the cyberattack, after initially telling customers that it was experiencing an internal IT issue. The Ragnar Locker ransomware attack is similar to the one employed against EDP Renewables.  

We understand that this follows previous cyber attacks on MSC earlier this year as well as Cosco and Maersk line in 2018 and 2017 respectively. The Maersk attack has ultimately caused USD300m in damages. Such an amount would be bearable for CMA CGM, given its strong liquidity reserves and business momentum. However, it would make it harder for the company to issue a new bond in the very near term and therefore could have a noticeable impact on the 2025 bonds. 

The shipping industry is becoming increasingly digitalized after badly lagging the adoption of modern IT systems for many years. CMA CGM’s IT modernization efforts have been important as part of its significant cost-cutting program.  

We remain long the 2021 and 2022 bonds. At this point, we await further communication from Investor Relations. 

As always, feel free to reach out if you want to exchange ideas on CMA CGM. 

Juliano 

___________________________

Juliano Torii
2 Stephen Street
London W1T 1AN
E: jtorii@sarria.co.uk
M: +44 794 73 56 163 (preferred)

T: +44 203 744 7055