One of the largest providers of marine software, DNV, was hit by a ransomware attack that has affected around one thousand vessels.
DNV is a Norwegian Company that provides services for 13,175 vessels and mobile offshore units totaling 265.4 million gross tonnes, representing a 21% global market share.
The company offers solutions and services for any vessel’s entire life cycle, from design and engineering to risk assessment and ship management. With over 12,000 employees and 350 offices operating in over 100 countries, the company supports several industries, including maritime, oil and gas, renewable energy, electrification, food and beverage, and healthcare.
How Did the Attack Happen?
The ransomware attack occurred on the evening of January 7, and in reaction, the organization shut down the IT servers connected to the company’s ShipManager system. DNV stated that there are no signs that the security breach has damaged any of its other software or data.
DNV’s ShipManager servers were victim of a ransomware cyber-attack on the evening of Saturday 7 January. DNV experts shut down the servers immediately in response to the incident. All vessels can still use the onboard, offline functionalities of the ShipManager software, other systems onboard the vessels are not impacted. The cyber-attack does not affect the vessels’ ability to operate.
With the assistance of global IT security partners, the maritime software supplier initiated an investigation into the incident and is working to restore operations as soon as possible. The incident was also reported to Norwegian authorities, explains Security Affairs.
1,000 Vessels and 70 Customers Affected
The notice indicates that 70 customers and around 1,000 vessels were affected by the ransomware attack:
DNV is in regular contact with all ShipManager customers about the situation. About 70 customers, operating around 1.000 vessels, are affected. All affected customers have been advised to consider relevant mitigating measures depending on the types of data they have uploaded to the system.
The incident is under investigation and the company has not yet disclosed the ransomware family that infiltrated its systems, but the impacted customers are strongly advised to implement mitigating measures.
DNV’s official position on the ransomware attack is available here.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.