Ransomware Attack Hits US Shipyard

The shipyard that builds the US Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate has suffered a ransomware attack, delaying production across the shipyard. The Fincantieri Marinette Marine company has said that it has no evidence that employees’ personal information was affected, although this cyber security attack has disrupted computer systems at the defence shipbuilder. 

The company has acknowledged the incident in a statement to the local Wisconsin Green Bay Press-Gazette, but did not provide any details about the type of attack that occurred. 

The statement indicated the company's email server and some network operations remain off-line and that it is working with US federal agencies and partners to investigate the incident. Fincantieri Marine experienced the attack in the early morning hours of April 12, when large chunks of data on the shipyard’s network servers were rendered unusable by an unknown hacking group.

In a typical ransomware attack, attackers take the information on a server, encrypt it and set terms for a key that will unlock the data.

The attack targeted servers that held data used to feed instructions to the shipyard’s computer numerical control manufacturing machines, knocking them offline for several days. CNC-enabled machines are the backbone of modern manufacturing, taking specifications developed with design software and sending instructions to devices like welders, cutters, bending machines and other computer-controlled tools. It remains unclear if the attackers stole any critical defence data.

The disclosure of  attack comes a few days after a UK security agency warning of “state-aligned” Russian groups that might attack on critical national infrastructure.

Cyber attacks are an increasing threat and the defence industrial base is a critical target. Fortunately, more companies are refusing to hope the risk goes away and are more widely complying with government requests to disclose incidents and provide information.

Green Bay Press-Gazette:    USNI:     Infosecurity Magazine:     Clearance Jobs:    MSN:     Yahoo:  

You Might Also Read:

US Defense Contractors Don't Meet Basic Cyber Security Standards:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Open Source Software In The Cloud
NSA Warning: China Is Stealing AI Technology »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Proofpoint

Proofpoint

Proofpoint provide the most effective cybersecurity and compliance solutions to protect people on every channel including email, the web, the cloud, social media and mobile messaging.

Cigniti Technologies

Cigniti Technologies

Cigniti Technologies provides Independent Software Testing (IST) Services including software security testing.

AMETIC

AMETIC

AMETIC, is the Association of Electronics, Information and Communications Technologies, Telecommunications and Digital Content Companies in Spain.

Galvanize

Galvanize

Galvanize is a leading provider of award-winning, cloud-based security, risk management, compliance, and audit software for some of the world’s largest organizations.

VigiTrust

VigiTrust

VigiTrust is a security firm specializing in cloud based eLearning programs, security compliance portals and providing security assessments.

Digital Security

Digital Security

Digital Security is an Ecuadorian company specialized in providing comprehensive information security solutions.

Randori

Randori

Randori is an attack platform that provides "red-teaming" as a service - basically, staging simulated hack attacks to test for vulnerabilities and gaps in the security response.

United Biometrics

United Biometrics

United Biometrics is an anonymous and real-time authentication platform designed to stop the fraud for mobile payments, e-Commerce and applications.

TeskaLabs

TeskaLabs

TeskaLabs is a software vendor of cybersecurity and data privacy products.

Finnish Accreditation Service (FINAS)

Finnish Accreditation Service (FINAS)

FINAS is the national accreditation body for Finland. The directory of members provides details of organisations offering certification services for ISO 27001.

Pentera Security

Pentera Security

Pentera (formerly Pcysys) is focused on the inside threat. Our automated penetration-testing platform mimics the hacker's attack - automating the discovery of vulnerabilities.

European Cyber Competence Network

European Cyber Competence Network

The purpose of the European Cyber Competence Network is to retain and develop the cybersecurity technological and industrial capacities of the EU necessary to secure its Digital Single Market.

Otto

Otto

Stop Client-Side Attacks. Plug otto into your application security suite and protect your supply chain.

UK Cyber Cluster Collaboration (UKC3)

UK Cyber Cluster Collaboration (UKC3)

UKC3 has been launched to support Cyber Clusters and encourage greater collaboration across regions and nations of the UK.

Dimension Data

Dimension Data

Dimension Data is a leading African born technology provider operating in the Middle East and Africa, offering a portfolio of services including intelligent security solutions.

TIM Enterprise

TIM Enterprise

TIM Enterprise offers innovative, sustainable and secure 360-degree digital solutions to companies and public administrations.

CyberForceHQ

CyberForceHQ

CyberForce helps cyber security professionals take real-world tests, get ranked and get paid better. It's that simple.