Cyber Attack On Ship Management Operating Technology

Uploaded on 2023-02-02 in FREE TO VIEW, BUSINESS-Services-Transport & Travel

Norwegian shipping classification society DNV has reported that  ShipManager servers were victim of a ransomware cyber attack over the first weekend in January. DNV says "more than 7,000 vessels owned by 300 customers" use ShipManager, and some 1,000 ships owned by 70 customers were affected by this attack.

DNV experts shut down the servers immediately in response to the incident, after the ransomware attack forced its ShipManager software offline without a connection to on-shore servers. 

The attack does not affect the vessels’ ability to operate. and all the affected vessels can still use the onboard offline functionalities of the ShipManager software, as well other systems onboard the vessels which are unaffected. 

The Norwegian Police, Norwegian National Security Authority, Norwegian Data Protection Authority, and the German Cyber Security Authority were all informed of the security breach.

There's evidence that the shipping and transportation industries are becoming more popular as targets for cyber criminals, according to the XDR specialists at Trellix. In their Q3 2022 Threat Report, Trellix say that ransomware attacks against the shipping and transportation sector in the US had doubled from the second to the third quarter of 2022.

Cyber threats are not new to the wider maritime shipping and logistics industries, but the incident comes at a time when supply lines are stretched and Russia’s invasion of Ukraine brought greater scrutiny of such risks.

The ransomware attack on DNV is one of many to have impacted the shipping industry in recent weeks. The Port of Lisbon, the third-largest shipping port in Portugal, was the target of a LockBit ransomware attack over Christmas.

DNV:      Offshore Energy:   The Register:      Trellix:      SuppyChainBrain:    Techcrunch:    Bloomberg:

You Might Also Read: 

Ever Increasing Attacks On Maritime Ports & Systems:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Choose the best web application firewall for you
Ransom Attack On Financial Services Software Supplier  »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

KELA

KELA

KELA's powerful cybercrime intelligence platform uncovers and neutralizes the most relevant cybersecurity threats coming from the hardest-to-reach places on the internet.

Open Information Security Foundation (OISF)

Open Information Security Foundation (OISF)

OISF is a non-profit organization led by world-class security experts, programmers, and others dedicated to open source security technologies.

Cyber Security Audit Corp (C3SA)

Cyber Security Audit Corp (C3SA)

C3SA specializes in architecting, operating, managing and improving defensible and resilient IT infrastructures for Canada's public and private sectors.

Cog Systems

Cog Systems

Cog Systems offer an embedded solution built on modularity, proactive security, trustworthiness, and adaptability to enable highly secure connected devices.

JM Search

JM Search

JM Search’s Information Technology Executives Practice sources the most sought-after technology roles including CIO, CTO, CISO, CDO and other senior posts.

Voxility

Voxility

Voxility provides Infrastructure-as-a-Service in the biggest Internet hubs in the world.

VirtualArmour

VirtualArmour

VirtualArmour is a managed security services provider with global reach and local attitude.

Analog Devices Inc (ADI)

Analog Devices Inc (ADI)

Analog Devices is uniquely positioned to deliver security at the edge, where the data is born, because our sensor solutions convert the physical, analog world into the digital world.

Xscale Accelerator

Xscale Accelerator

Xscale's vision is to create world-class startups out of India by transforming sales and providing access to global markets.

ORS Consulting

ORS Consulting

ORS Consulting is a specialist provider of risk management advisory services supporting asset-intensive industries such as chemicals, energy, power and utilities, defence and maritime.

Quantum eMotion (QeM)

Quantum eMotion (QeM)

Quantum eMotion is a Montreal-based advanced developer leading the way towards a new generation of quantum-safe encryption for the quantum computing age.

Dutch Research Council (NWO)

Dutch Research Council (NWO)

The Dutch Research Council (NWO) is one of the most important science-funding bodies in the Netherlands and ensures quality and innovation in science.

Covenant Technologies

Covenant Technologies

Make Covenant Technologies the only choice for your IT and cybersecurity recruitment needs. We deliver quality candidates at the forefront of the cybersecurity and IT industry.

Velaspan

Velaspan

Velaspan design, deploy, and manage enterprise wireless networks and cybersecurity solutions for leading businesses and brands.

Assurestor

Assurestor

Assurestor's singular focus is delivering leading cloud-based backup and disaster recovery designed to increase levels of IT resilience.

OmniIndex

OmniIndex

OmniIndex PostgresBC is the only commercial solution allowing you to keep your most sensitive and critical data encrypted while analyzing it. Structured and unstructured.