DNV, a Norwegian shipping classification society, has confirmed its systems were hit by a ransomware attack, affecting around 1,000 ships that rely on its technology.
The Oslo-based DNV said in a statement on Wednesday that its ShipManager software was targeted by file-encrypting malware on January 7, forcing the organization to shut down its servers. ShipManager is a fleet management software that allows DNV shipping customers to monitor the operational, technical and compliance features of a shipping fleet, and is used by more than 7,000 vessels owned by 300 customers, according to the company’s website.
DNV said that 70 customers operating around 1,000 vessels were affected by the attack, close to 15% of its total fleet.
In a statement given to TechCrunch, DNV spokesperson Margrethe Andersen confirmed that all impacted vessels can still use the onboard, offline functionalities of the ShipManager software. “The cyber-attack does not affect the vessels’ ability to operate,” said Andersen.
DNV also says it’s confident that other DNV servers have not been affected. However, when asked whether any data was compromised as a result of the attack, the company declined to comment. DNV also declined to say whether the attack would result in any delays for ships and their onboard cargo.
The company said it is cooperating with the police. “We cannot release information that could harm or delay the investigation,” the spokesperson said.
It is unclear how DNV was compromised, if the company received a ransom demand or who was behind the attack. TechCrunch checked the websites of several major ransomware groups but found no mention of DNV.
“DNV is working closely with global IT security partners to analyze the incident and ensure secure online operations as soon as possible,” the company said. “All affected customers have been advised to consider relevant mitigating measures depending on the types of data they have uploaded to the system.
The ransomware attack on DNV is one of many to have impacted the shipping industry in recent weeks. The Port of Lisbon, the third-largest shipping port in Portugal, was the target of a LockBit ransomware attack on Christmas Day.
The U.S. government’s cybersecurity agency has warned that criminal financially motivated hackers compromised federal agencies using legitimate remote desktop software. CISA said in a joint advisory with the National Security Agency on Wednesday that it had identified a “widespread cyber campaign involving the malicious use of legitimate remote monitoring and management (RMM) software” that had targeted multiple […]
It’s time to start changing your passwords assword manager giant LastPass has confirmed that cybercriminals stole its customers’ encrypted password vaults, which store its customers’ passwords and other secrets, in a data breach earlier this year. In an updated blog post on its disclosure, LastPass CEO Karim Toubba said the intruders took a copy of […]
The Housing Authority of the City of Los Angeles, or HACLA, has confirmed it is investigating a cybersecurity incident shortly after the LockBit ransomware gang claimed responsibility for a cyberattack on the agency. HACLA, which provides affordable housing to more than 19,000 low-income families across Los Angeles, was added to LockBit’s dark web leak site on […]
Leave a Reply