Cyber Attack On Ship Management Operating Technology

Uploaded on 2023-02-02 in FREE TO VIEW, BUSINESS-Services-Transport & Travel

Norwegian shipping classification society DNV has reported that  ShipManager servers were victim of a ransomware cyber attack over the first weekend in January. DNV says "more than 7,000 vessels owned by 300 customers" use ShipManager, and some 1,000 ships owned by 70 customers were affected by this attack.

DNV experts shut down the servers immediately in response to the incident, after the ransomware attack forced its ShipManager software offline without a connection to on-shore servers. 

The attack does not affect the vessels’ ability to operate. and all the affected vessels can still use the onboard offline functionalities of the ShipManager software, as well other systems onboard the vessels which are unaffected. 

The Norwegian Police, Norwegian National Security Authority, Norwegian Data Protection Authority, and the German Cyber Security Authority were all informed of the security breach.

There's evidence that the shipping and transportation industries are becoming more popular as targets for cyber criminals, according to the XDR specialists at Trellix. In their Q3 2022 Threat Report, Trellix say that ransomware attacks against the shipping and transportation sector in the US had doubled from the second to the third quarter of 2022.

Cyber threats are not new to the wider maritime shipping and logistics industries, but the incident comes at a time when supply lines are stretched and Russia’s invasion of Ukraine brought greater scrutiny of such risks.

The ransomware attack on DNV is one of many to have impacted the shipping industry in recent weeks. The Port of Lisbon, the third-largest shipping port in Portugal, was the target of a LockBit ransomware attack over Christmas.

DNV:      Offshore Energy:   The Register:      Trellix:      SuppyChainBrain:    Techcrunch:    Bloomberg:

You Might Also Read: 

Ever Increasing Attacks On Maritime Ports & Systems:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Choose the best web application firewall for you
Ransom Attack On Financial Services Software Supplier  »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Secure India

Secure India

Secure India provides Forensic Solutions that help Government and Business in dealing with prevention and resolution of Cyber related threats.

Bulletproof Cyber

Bulletproof Cyber

Bulletproof offer a range of security services, from penetration testing and vulnerability assessments to 24/7 security monitoring, and consultancy.

Sentia

Sentia

Sentia is an IT and infrastructure firm, with focus on Outsourcing, IT operation and management, Hosting, Co-location, Network, and IT security.

CLDigital

CLDigital

CLDigital's no-code risk and resilience platform, CL360, provides leaders with risk and resilience data to make strategic and tactical continuity decisions.

Me Learning

Me Learning

Me Learning provides engaging, informative and clearly explained learning materials for complex and challenging professional environments in areas including GDPR and Information Governance.

SecureAppbox

SecureAppbox

SecureAppbox provide solutions that protects the communication of sensitive data as well as advice on data security and compliance with GDPR.

Practical Assurance

Practical Assurance

Practical Assurance helps companies navigate the rough terrain of information security compliance.

Lumu Technologies

Lumu Technologies

Lumu is a cybersecurity company that illuminates threats and attacks affecting enterprises worldwide.

Traced

Traced

At Traced, our aim is to redefine mobile cyber security to provide the best possible protection to everyone against breaches of privacy and security.

CleanCloud by SEK

CleanCloud by SEK

CleanCloud by SEK is a CSPM product focused on public cloud data protection and security regulations, with over 400 compliance checks for the market's leading frameworks and regulations.

Thistle Technologies

Thistle Technologies

Thistle Technologies is building tools that help connected device manufacturers build security resiliency into devices.

Private Client Cyber Security (PCCS)

Private Client Cyber Security (PCCS)

PCCS provides enterprise-grade cybersecurity consulting and services to professional practices, executives, athletes, and high net worth families.

Legit Security

Legit Security

Legit Security's mission is to secure every organization's software factory by protecting the pipelines, infrastructure, code and people for faster and more secure software releases.

Edera

Edera

Edera is changing the way containers are run and secured, making isolation a reality and fundamentally transforming computing in the process.

CQURE

CQURE

CQURE is divided into four main cybersecurity excellence areas: CQURE Consulting, CQURE Academy, CQURE Knowledge Sharing and CQURE Cyber Lab.

Expleo

Expleo

Expleo is a global engineering, technology and consulting service provider that partners with leading organisations to guide them through their business transformation.