Exposed Remote Desktop (RDP) servers with weak credentials and phishing attempts are still two of the most common ways ransomware finds its way into a network. RDP servers should be placed behind a VPN and RDP Gateway server if external access is needed, rather than exposing them directly to the Internet. Strong credentials and multi-factor authentication should be enforced as well. All public-facing servers should be patched quickly after vulnerabilities become publicly known, especially if exploit code is available. Organizations should also invest in regular security awareness training to teach employees what to look out for in a suspicious email. To protect the organization from data loss, follow the 3-2-1 backup rule. Keep at least three copies of your data. Store the copies on at least two different forms of storage media. Keep one copy offsite. Should ransomware ever encrypt one form of backup connected to the victim machine, recovery should be possible with another safe copy.

Source: https://www.cmacgm-group.com/en/news-media/important-notice-external-access-to-CMA-CGM-IT-applications

https://www.bleepingcomputer.com/news/security/logistics-giant-cma-cgm-goes-offline-to-block-malware-attack/

https://lloydslist.maritimeintelligence.informa.com/LL1134044/CMA-CGM-confirms-ransomware-attack