Fraud Management & Cybercrime , Ransomware

Ransomware Attack Affects 1,000 Vessels Worldwide

Norway's DNV Shuts Down IT Servers, Investigates Attack
Ransomware Attack Affects 1,000 Vessels Worldwide
Image: Ian Host/Unsplash

A ransomware attack shut down servers hosting software used to manage the crewing and maintenance schedules of about 1,000 vessels across the globe.

See Also: Live Webinar | Navigating the Difficulties of Patching OT

Norwegian classification society DNV, maker of ShipManager software, says it took the servers offline after detecting a cyber incident on Jan. 7.

Onboard software functionally continues to operate, says DNV, which also sets standards for the construction and operation of ships.

"There are no indications that any other software or data by DNV is affected. The server outage does not impact any other DNV services," the company says. It has contacted Norwegian police.

DNV says more than 7,000 vessels owned by 300 customers use ShipManager.

The attack comes amid mounting concern over the susceptibility of the global supply chain to cyberattacks following Russia's February 2022 invasion of Ukraine and worries about the ripple effects of the war for the world economy. DNV is not attributing the source of its ransomware attack. Most ransomware hackers are avowedly apolitical, lest they complicate extortion payments by causing firms to fret that they're violating U.S. financial sanctions.

Still, for-profit ransomware hacking by mostly Russian ransomware-as-a-service groups and Kremlin priorities often align, not the least since ransomware criminals operate with the forbearance of the state (see: Russia Has Taken No Action to Combat Ransomware, FBI Says).

Operations for global shipping giant A.P. Møller-Maersk were crippled for days in the aftermath of a 2017 ransomware worm the U.S. federal government later said had been the work of Russia intelligence.

A 2022 report on the state of maritime industry cybersecurity found that close to half of more than 200 surveyed industry professionals said their organizations had experienced a cyberattack during the last three years.

So far, the impact of those cyberattacks, including the attack against DNV, are felt by onshore systems rather than onboard ships. Industry experts warn that may change as bandwidth improvements enable a tighter coupling between onshore systems and navigation and other onboard systems.


About the Author

Prajeet Nair

Prajeet Nair

Assistant Editor, Global News Desk, ISMG

Nair is assistant editor for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.