DNV, a Norwegian shipping classification society, has confirmed its systems were hit by a ransomware attack, affecting around 1,000 ships that rely on its technology.
The Oslo-based DNV said in a statement on Wednesday that its ShipManager software was targeted by file-encrypting malware on January 7, forcing the organization to shut down its servers. ShipManager is a fleet management software that allows DNV shipping customers to monitor the operational, technical and compliance features of a shipping fleet, and is used by more than 7,000 vessels owned by 300 customers, according to the company’s website.
DNV said that 70 customers operating around 1,000 vessels were affected by the attack, close to 15% of its total fleet.
In a statement given to TechCrunch, DNV spokesperson Margrethe Andersen confirmed that all impacted vessels can still use the onboard, offline functionalities of the ShipManager software. “The cyber-attack does not affect the vessels’ ability to operate,” said Andersen.
DNV also says it’s confident that other DNV servers have not been affected. However, when asked whether any data was compromised as a result of the attack, the company declined to comment. DNV also declined to say whether the attack would result in any delays for ships and their onboard cargo.
The company said it is cooperating with the police. “We cannot release information that could harm or delay the investigation,” the spokesperson said.
It is unclear how DNV was compromised, if the company received a ransom demand or who was behind the attack. TechCrunch checked the websites of several major ransomware groups but found no mention of DNV.
“DNV is working closely with global IT security partners to analyze the incident and ensure secure online operations as soon as possible,” the company said. “All affected customers have been advised to consider relevant mitigating measures depending on the types of data they have uploaded to the system.
The ransomware attack on DNV is one of many to have impacted the shipping industry in recent weeks. The Port of Lisbon, the third-largest shipping port in Portugal, was the target of a LockBit ransomware attack on Christmas Day.
The Housing Authority of the City of Los Angeles, or HACLA, has confirmed it is investigating a cybersecurity incident shortly after the LockBit ransomware gang claimed responsibility for a cyberattack on the agency. HACLA, which provides affordable housing to more than 19,000 low-income families across Los Angeles, was added to LockBit’s dark web leak site on […]
Facebook-parent Meta has launched a subscription service, called Meta Verified, that will allow users to add the coveted blue check mark to their Instagram and Facebook accounts for up to $15 a month by verifying their identity, its chief executive Mark Zuckerberg said on Sunday, tapping a new revenue channel that has returned mixed success […]
Cybercriminals are actively exploiting a two-year-old VMware vulnerability as part of a ransomware campaign targeting thousands of organizations worldwide. Reports emerged over the weekend that VMware ESXi servers left vulnerable and unpatched against a remotely exploitable bug from 2021 were compromised and scrambled by a ransomware variant dubbed “ESXiArgs.” ESXi is VMware’s hypervisor, a technology that […]
Leave a Reply