conti attacks Sea-invest Caronte

Incident Date:

February 8, 2022

World map



conti attacks Sea-invest Caronte


Sea-invest Caronte




Maritime, France

Martigues, France

First Reported

February 8, 2022

SEA-Invest Caronte: A Target for Ransomware Attacks

SEA-Invest Caronte, an international operator of terminals for dry bulk, liquid bulk, and containerized cargo, has been targeted by the ransomware group Conti. The company, which operates in the transportation sector, has a strong reputation in the domains of manutention, transport, entreposage, and other port-related activities. SEA-Invest is active in 23 ports across two continents and collaborates with various industries, making it a crucial link in the supply chain for both producers and end-users.

The ransomware attack on SEA-Invest Caronte was reported on the evening of January 30, 2022. The company's dry bulk division did not have to cease operations, but its liquid bulk department, Sea-Tank, experienced disruptions and was able to resume operations as of February 2. The attack was not linked to the BlackCat ransomware that affected Oiltanking, but it is unclear whether the two incidents are related.

The attack on SEA-Invest Caronte highlights the vulnerabilities of the transportation sector to cyber threats. As the industry becomes increasingly digitalized, companies must invest in robust cybersecurity measures to protect their operations from potential disruptions. The incident serves as a reminder that cybersecurity is not just about preventing attacks but also about being prepared to respond effectively when they occur.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.