Ransomware attack hits maritime giant DNV

Norwegian shipping classification society DNV has been hit by a ransomware attack which forced the company to shut down some of its servers.

The attack affected roughly 1,000 ships using DNV’s ShipManager software – a tool that its customers use to monitor different features of their shipping fleets. 

DNV says some 300 companies use the tool to manage more than 7,000 ships. Of that number, 70 firms managing some 1,000 ships were affected by the incident – around 15% of the total fleet. 

Unknown attackers

Onboard, offline functionalities of the software can still be used, the company further said, adding that other systems onboard the vessels are not impacted by the ransomware attack. Furthermore, the ships can still operate.

Besides the ShipManager servers, other servers and other data were also not affected, the company also said. 

Other details about the incident are missing. The company did not say which group was behind the attack, or how the ransomware was deployed (if any malware, phishing, or social engineering was used in the attack). No groups have yet taken responsibility for the attack. 

We also don’t know the ransom demand, or the deadlines, as the company has declined to comment on the possibility of sensitive data being stolen, and also refused to say if the attack would cause any delays for ships and cargo.

However DNV did confirm that the police and other law enforcement agencies have been notified. 

“The attack has been reported to the Norwegian Police, who has informed relevant police agencies. It was also reported to the Norwegian National Security Authority, the Norwegian Data Protection Authority (DPA) and the German Cyber Security Authority. All affected customers have been notified about their responsibility to notify relevant Data Protection Authorities in their countries,” the organization stated.

Via: TechCrunch