Cyber Attack On Ship Management Operating Technology

Norwegian shipping classification society DNV has reported that  ShipManager servers were victim of a ransomware cyber attack over the first weekend in January. DNV says "more than 7,000 vessels owned by 300 customers" use ShipManager, and some 1,000 ships owned by 70 customers were affected by this attack.

DNV experts shut down the servers immediately in response to the incident, after the ransomware attack forced its ShipManager software offline without a connection to on-shore servers. 

The attack does not affect the vessels’ ability to operate. and all the affected vessels can still use the onboard offline functionalities of the ShipManager software, as well other systems onboard the vessels which are unaffected. 

The Norwegian Police, Norwegian National Security Authority, Norwegian Data Protection Authority, and the German Cyber Security Authority were all informed of the security breach.

There's evidence that the shipping and transportation industries are becoming more popular as targets for cyber criminals, according to the XDR specialists at Trellix. In their Q3 2022 Threat Report, Trellix say that ransomware attacks against the shipping and transportation sector in the US had doubled from the second to the third quarter of 2022.

Cyber threats are not new to the wider maritime shipping and logistics industries, but the incident comes at a time when supply lines are stretched and Russia’s invasion of Ukraine brought greater scrutiny of such risks.

The ransomware attack on DNV is one of many to have impacted the shipping industry in recent weeks. 
The Port of Lisbon, the third-largest shipping port in Portugal, was the target of a LockBit ransomware attack over Christmas.

DNV:      Offshore Energy:   The Register:      Trellix:      SuppyChainBrain:    Techcrunch:    Bloomberg:

You Might Also Read: 

Ever Increasing Attacks On Maritime Ports & Systems:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Choose the best web application firewall for you
Ransom Attack On Financial Services Software Supplier  »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

SureCloud

SureCloud

SureCloud is a Governance, Risk and Compliance (GRC) and Cybersecurity Solutions provider.

Open Networking Foundation (ONF)

Open Networking Foundation (ONF)

The Open Networking Foundation (ONF) is a non-profit operator led consortium driving transformation of network infrastructure and carrier business models.

RSA Insurance Group

RSA Insurance Group

RSA is one of the world’s leading multinational quoted insurance groups. Commercial services include cyber risk insurance.

Cyber Threat Intelligence Network (CTIN)

Cyber Threat Intelligence Network (CTIN)

CTIN provides cyber threat intelligence services including training, platform evaluation, ISAC/ISAO systems development and counter botnet operations.

Sandvine

Sandvine

Sandvine’s network policy control solutions add intelligence to fixed, mobile, and converged communications service provider networks.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

LATRO Services

LATRO Services

LATRO Services is a complete solution provider to discover, locate, and eliminate telecom fraud.

National Cybersecurity Preparedness Consortium (NCPC)

National Cybersecurity Preparedness Consortium (NCPC)

The mission of the NCPC is to provide research-based, cybersecurity-related training, exercises and technical assistance to local jurisdictions, counties, states and the private sector.

Haechi Audit

Haechi Audit

Haechi Audit is a leading smart contract security audit firm. We provide the most secure smart contract security audit and smart contract development services to our global clients.

ValidSoft

ValidSoft

ValidSoft is a security software company, providing telecommunications-based multi-factor authentication, identity and transaction verification technology.

Quantum Security Solutions (QSec)

Quantum Security Solutions (QSec)

QSec is an innovative information security consultancy based in Ghana. We can provide your organisation with information security products and services that assure against information risk.

SignalSEC

SignalSEC

SignalSEC provides vulnerability intelligence, malware analysis, penetration testing and associated training services.

IMQ Group

IMQ Group

IMQ is one of Europe’s top players in the field of conformity assessment. We offer certification services to support all the major sectors of the manufacturing and service industries.

Coretelligent

Coretelligent

Coretelligent is a leading providers of Managed and Co-Managed IT, cybersecurity and private cloud services.

Salem Cyber

Salem Cyber

Salem Cyber builds Artificial Intelligence (AI) solutions that work collaboratively with people to address scalability challenges in cybersecurity operations.

Quantum eMotion (QeM)

Quantum eMotion (QeM)

Quantum eMotion is a Montreal-based advanced developer leading the way towards a new generation of quantum-safe encryption for the quantum computing age.