Ransomware Attack Hits US Shipyard

The shipyard that builds the US Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate has suffered a ransomware attack, delaying production across the shipyard. The Fincantieri Marinette Marine company has said that it has no evidence that employees’ personal information was affected, although this cyber security attack has disrupted computer systems at the defence shipbuilder. 

The company has acknowledged the incident in a statement to the local Wisconsin Green Bay Press-Gazette, but did not provide any details about the type of attack that occurred. 

The statement indicated the company's email server and some network operations remain off-line and that it is working with US federal agencies and partners to investigate the incident. Fincantieri Marine experienced the attack in the early morning hours of April 12, when large chunks of data on the shipyard’s network servers were rendered unusable by an unknown hacking group.

In a typical ransomware attack, attackers take the information on a server, encrypt it and set terms for a key that will unlock the data.

The attack targeted servers that held data used to feed instructions to the shipyard’s computer numerical control manufacturing machines, knocking them offline for several days. CNC-enabled machines are the backbone of modern manufacturing, taking specifications developed with design software and sending instructions to devices like welders, cutters, bending machines and other computer-controlled tools. It remains unclear if the attackers stole any critical defence data.

The disclosure of  attack comes a few days after a UK security agency warning of “state-aligned” Russian groups that might attack on critical national infrastructure.

Cyber attacks are an increasing threat and the defence industrial base is a critical target. Fortunately, more companies are refusing to hope the risk goes away and are more widely complying with government requests to disclose incidents and provide information.

Green Bay Press-Gazette:    USNI:     Infosecurity Magazine:     Clearance Jobs:    MSN:     Yahoo:  

You Might Also Read:

US Defense Contractors Don't Meet Basic Cyber Security Standards:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Open Source Software In The Cloud
NSA Warning: China Is Stealing AI Technology »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Davis Wright Tremaine (DWT)

Davis Wright Tremaine (DWT)

Davis Wright Tremaine is a full-service law firm with offices throughout the US and in Shanghai, China. Practice areas include Technology, Privacy & Security.

Internet Security Alliance (ISA)

Internet Security Alliance (ISA)

ISA is an international trade association providing thought leadership in advancing a sustainable system of cyber security.

Integrity360

Integrity360

Integrity360 provide fully managed IT security services as well as security testing, integration, GRC and incident handling services.

Hivint

Hivint

Hivint is a new kind of Information Security professional services company enabling collaboration between our clients to reduce unnecessary security spend.

ANIS

ANIS

ANIS represents the interests of Romanian IT companies and supports the development of the software and services industry.

Odyssey

Odyssey

Odyssey is an ISO 27001 certified, Cyber -Security, Infrastructure and Risk Management Solutions integrator and a Managed Security Services Provider.

ABS Group

ABS Group

ABS Group provides risk and reliability solutions and technical services that help clients confirm the safety, integrity and security of critical assets and operations.

Prolimax

Prolimax

Prolimax deliver innovative solutions to IT Manufacturers, Distributors, Resellers and End-users including Data Erasure and secure IT Asset Disposition (ITAD)

KDM Analytics

KDM Analytics

KDM Analytics software products automate the NIST risk management framework (RMF) assessment for operational technology (OT) systems.

OSIbeyond

OSIbeyond

OSIbeyond provides comprehensive Managed IT Services to organizations in the Washington D.C., MD, and VA area including IT Help Desk Support, Cloud Solutions, Cybersecurity, and Technology Strategy.

ShieldApps

ShieldApps

ShieldApps comprehensive suite of products is designed to protect your personal devices from privacy threats, including hacking attempts, online tracking, fingerprinting, phishing, malware, and more.

KT Secure

KT Secure

KTSecure’s mission is to provide proven and productive cyber security solutions and managed services, backed by our highly qualified and passionate team of experts.

BT Security

BT Security

BT provides telecommunications and network infrastructure services to keep businesses around the world connected and secure.

PhishFirewall

PhishFirewall

PhishFirewall is an advanced AI-driven CyberSecurity Awareness Education, Threat Emulation, and Human Security Analytics Platform.

Cyber Chasse

Cyber Chasse

Cyber Chasse is an IT consulting and staffing company offering a full range of cybersecurity solutions, contract staffing services and online training courses.

Trovent Security

Trovent Security

Trovent was founded with a clear goal: to support medium-sized companies in significantly increasing their IT security level.