About 1,000 ships have been affected by a ransomware attack, a software management company has revealed.
DNV, a Norwegian software supplier that services 12,000 ships and mobile offshore units worldwide, said its ShipManager software was attacked on January 7, 2023.
As a result, approximately 70 customers operating approximately 1000 vessels were affected. These customers are “advised to consider relevant mitigations depending on the type of data they have uploaded into the system.”
DNV added that it has informed affected parties that they are responsible for notifying the relevant data protection authorities in their country of the incident.
However, the company said there were “no indications that DNV’s other data or servers would be affected,” and that the outage did not affect other services.
Furthermore, the incident has not affected the vessel’s operational capabilities. This is because you can still use the onboard offline capabilities of the ShipManager software. Also, other systems on affected ships are unaffected.
The DMV has reported the attack to the Norwegian Police, who are coordinating with other relevant government agencies such as the Norwegian Data Protection Agency (Datatilsynet) and the German Cyber Security Agency (BSI).
The software supplier said it also worked with its IT security partners to investigate how the incident occurred and to “ensure safe online operations as soon as possible.”
The maritime industry has suffered high-profile cyber incidents in recent years that have the potential to cause substantial economic disruption, making it an attractive target for extortion campaigns.
Many vessels also contain aging technical infrastructure, making them particularly vulnerable to vectors such as ransomware.
In 2020, a ransomware attack temporarily shut down the website and application of French container shipping giant CMA CGM.
In 2017, Danish shipping giant Maersk suffered an estimated loss of up to $300 million in the infamous NotPetya ransomware attack.
Dr. Darren Williams, CEO and Founder of Blackfog, commented on the DMV incident, highlighting the growing number of targets of critical infrastructure organizations. One thing to keep in mind in connection with the Maritime DNV attacks is the addition of critical infrastructure victims to the list.
“With a global war going on and DNV holding a 21% global market share of marine vessel solutions and services, suppliers such as DNV could cause massive disruption. , are ideal victims for attackers.”
Simon Chassar, CRO at Claroty, believes that the increasing interconnectivity of physical and digital systems in sectors such as shipping makes mitigating these types of incidents more difficult. “Unfortunately, the attacks impacting the critical infrastructure industry are on the rise as we add digital transformation and connected cyber-physical systems to our networks without proper protection tools,” he outlined. bottom.
Chassar adds: “
