Cyber Attack On Ship Management Operating Technology

Uploaded on 2023-02-02 in FREE TO VIEW, BUSINESS-Services-Transport & Travel

Norwegian shipping classification society DNV has reported that  ShipManager servers were victim of a ransomware cyber attack over the first weekend in January. DNV says "more than 7,000 vessels owned by 300 customers" use ShipManager, and some 1,000 ships owned by 70 customers were affected by this attack.

DNV experts shut down the servers immediately in response to the incident, after the ransomware attack forced its ShipManager software offline without a connection to on-shore servers. 

The attack does not affect the vessels’ ability to operate. and all the affected vessels can still use the onboard offline functionalities of the ShipManager software, as well other systems onboard the vessels which are unaffected. 

The Norwegian Police, Norwegian National Security Authority, Norwegian Data Protection Authority, and the German Cyber Security Authority were all informed of the security breach.

There's evidence that the shipping and transportation industries are becoming more popular as targets for cyber criminals, according to the XDR specialists at Trellix. In their Q3 2022 Threat Report, Trellix say that ransomware attacks against the shipping and transportation sector in the US had doubled from the second to the third quarter of 2022.

Cyber threats are not new to the wider maritime shipping and logistics industries, but the incident comes at a time when supply lines are stretched and Russia’s invasion of Ukraine brought greater scrutiny of such risks.

The ransomware attack on DNV is one of many to have impacted the shipping industry in recent weeks. The Port of Lisbon, the third-largest shipping port in Portugal, was the target of a LockBit ransomware attack over Christmas.

DNV:      Offshore Energy:   The Register:      Trellix:      SuppyChainBrain:    Techcrunch:    Bloomberg:

You Might Also Read: 

Ever Increasing Attacks On Maritime Ports & Systems:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Choose the best web application firewall for you
Ransom Attack On Financial Services Software Supplier  »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CERT.AZ

CERT.AZ

The national Cyber Security Center of the Republic of Azerbaijan.

BetterCloud

BetterCloud

BetterCloud puts IT in control of the modern workplace through user lifecycle management, data discovery, and IT and security automation purpose-built for SaaS.

Real Random

Real Random

Real Random is on a mission to enhance existing and new crypto-systems with its revolutionary solution to generating numbers that are Truly Random.

Cloud Managed Networks

Cloud Managed Networks

Cloud Managed Networks provides enterprise grade IT network solutions for cloud-based and on premise network security, Wi-Fi, data switching, collaboration, device management and more.

MSPAlliance

MSPAlliance

MSPAlliance is the world’s largest industry association and certification body for cloud computing and managed service professionals.

Cyberport

Cyberport

Cyberport is focused on facilitating the growth of major technology trends such as FinTech and cybersecurity as well as the emerging technologies of AI, big data and blockchain.

CyberSafe

CyberSafe

CyberSafe is a Portuguese company with a focus on cybersecurity solutions and services including network security, managed security, incident response and forensic analysis.

Drata

Drata

Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining workflows to ensure audit-readiness.

Retruster

Retruster

Protect your users against phishing emails, ransomware & fraud with the most advanced, user-friendly, non-intrusive solution available.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

HighGround

HighGround

HighGround offer a Cyber Security Solution for everybody, regardless of skillset, to feel empowered in their security experience in reaching Cyber Resilience.

FusionAuth

FusionAuth

FusionAuth is the customer authentication and authorization platform that makes developers' lives awesome.

Prompt Security

Prompt Security

Prompt Security provides an LLM agnostic approach to ensure security, data privacy and safety across all aspects of Generative AI.

Raito

Raito

Raito's unique solution integrates with the data development process and lets data teams monitor, manage, and automate data security across the data stack.

Flow Security

Flow Security

Enterprises run on data, Flow secures it at runtime. With a runtime-first approach, Flow is a game-changer in the data security space, securing data itself, beyond the infrastructure it resides in.

Boldend

Boldend

Boldend offers leading-edge offensive and defensive cybersecurity solutions that empower government and commercial organizations to stay resilient in an evolving threat landscape.