Cyber Attack On Ship Management Operating Technology

Uploaded on 2023-02-02 in FREE TO VIEW, BUSINESS-Services-Transport & Travel

Norwegian shipping classification society DNV has reported that  ShipManager servers were victim of a ransomware cyber attack over the first weekend in January. DNV says "more than 7,000 vessels owned by 300 customers" use ShipManager, and some 1,000 ships owned by 70 customers were affected by this attack.

DNV experts shut down the servers immediately in response to the incident, after the ransomware attack forced its ShipManager software offline without a connection to on-shore servers. 

The attack does not affect the vessels’ ability to operate. and all the affected vessels can still use the onboard offline functionalities of the ShipManager software, as well other systems onboard the vessels which are unaffected. 

The Norwegian Police, Norwegian National Security Authority, Norwegian Data Protection Authority, and the German Cyber Security Authority were all informed of the security breach.

There's evidence that the shipping and transportation industries are becoming more popular as targets for cyber criminals, according to the XDR specialists at Trellix. In their Q3 2022 Threat Report, Trellix say that ransomware attacks against the shipping and transportation sector in the US had doubled from the second to the third quarter of 2022.

Cyber threats are not new to the wider maritime shipping and logistics industries, but the incident comes at a time when supply lines are stretched and Russia’s invasion of Ukraine brought greater scrutiny of such risks.

The ransomware attack on DNV is one of many to have impacted the shipping industry in recent weeks. The Port of Lisbon, the third-largest shipping port in Portugal, was the target of a LockBit ransomware attack over Christmas.

DNV:      Offshore Energy:   The Register:      Trellix:      SuppyChainBrain:    Techcrunch:    Bloomberg:

You Might Also Read: 

Ever Increasing Attacks On Maritime Ports & Systems:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Choose the best web application firewall for you
Ransom Attack On Financial Services Software Supplier  »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Kaspersky Lab

Kaspersky Lab

Kaspersky Lab is one of the world’s largest privately held vendors of endpoint cybersecurity solutions.

SQA Service

SQA Service

SQA Service provide independent software and process Quality Assurance services.

Egerie

Egerie

EGERIE's RiskManager solution provides a Global, Centralized, and Updated view of risk maps and security measures for your company.

Ethoca

Ethoca

Ethoca is a secure network for card issuers and merchants to connect and work cooperatively outside the payment network in a unique and powerful way.

Dermalog Identification Systems

Dermalog Identification Systems

Dermalog Identification Systems is a pioneer in biometry and the largest German manufacturer of biometric devices and systems.

Steganos

Steganos

Steganos offers highly secure and easy to use software tools that protect and secure on and offline data.

NLnet Labs

NLnet Labs

NLnet Labs is a not-for-profit foundation with a long heritage in research and development, Internet architecture and governance, as well as security in the area of DNS and inter-domain routing.

Brighter AI

Brighter AI

Brighter AI empowers companies to use publicly-recorded camera data for analytics & AI while being compliant with increasing data privacy regulations worldwide.

Cowbell Cyber

Cowbell Cyber

Cowbell Cyber™ offers continuous risk assessment, comprehensive cyber liability coverage, and continuous underwriting through an AI-powered platform.

Eclypsium

Eclypsium

Eclypsium protects organizations from the foundation of their computing infrastructure upward, controlling the risk and stopping threats inside firmware of laptops, servers, and networks.

Jump Capital

Jump Capital

Jump provides series A and B capital to data-driven tech companies within the FinTech, IT & Data Infrastructure, B2B SaaS and Media sectors.

SafeGuard Cyber

SafeGuard Cyber

The SafeGuard Cyber SaaS platform empowers enterprises to adopt the social and digital channels they need to reach customers, while reducing digital risk and staying secure and compliant.

BlackDice Cyber

BlackDice Cyber

Threat Intelligence is only part of the solution. Our solution matches threats to vulnerabilities and automatically takes remedial action against compromised apps, devices and websites.

Trustaira

Trustaira

Trustaira is the first deep tech solution and service company in Bangladesh.

Dynamic Standards International (DSI)

Dynamic Standards International (DSI)

Dynamic Standards International is a global standards development organization which develops certifiable ‘dynamic standards’ that pace with fast-evolving landscapes.

LiveAction

LiveAction

LiveAction’s Network Intelligence platform transforms complex data into actionable insights, providing organizations with a comprehensive view of their network.