The Norwegian shipping classification society DNV has been attacked by ransomware (opens in a new tab) attack that forced the company to shut down some of its servers.
The attack affected approximately 1,000 ships using DNV’s ShipManager software, a tool its customers use to monitor different characteristics of their shipping fleets.
DNV says some 300 companies use the tool to manage more than 7,000 ships. Of that number, 70 companies managing some 1,000 ships were affected by the incident, around 15% of the total fleet.
unknown attackers
The software’s onboard and offline functionalities can still be used, the company further said, adding that other systems aboard ships are not affected by the ransomware attack. Also, the ships can still operate.
Apart from the ShipManager servers, other servers and other data were also unaffected, the company said.
Other details about the incident are missing. The company did not say which group was behind the attack or how the ransomware was implemented (whether malware, phishing or social engineering was used in the attack). No group has yet claimed responsibility for the attack.
We also don’t know the ransom demand or timeframe, as the company declined to comment on the possibility of sensitive data being stolen and also declined to say whether the attack would cause delays for ships and cargo.
However, DNV confirmed that the police and other law enforcement agencies have been notified.
“The attack has been reported to the Norwegian police, who have informed the relevant law enforcement agencies. The Norwegian National Security Authority, the Norwegian Data Protection Authority (DPA) and the German Cyber Security Authority were also informed. All affected customers have been notified of their responsibility to notify the relevant Data Protection Authorities in their countries,” the organization stated.
Via: TechCrunch (opens in a new tab)
