Ransomware Attack Hits US Shipyard

Uploaded on 2023-05-10 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-Transport & Travel, TECHNOLOGY--Hackers

The shipyard that builds the US Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate has suffered a ransomware attack, delaying production across the shipyard. The Fincantieri Marinette Marine company has said that it has no evidence that employees’ personal information was affected, although this cyber security attack has disrupted computer systems at the defence shipbuilder. 

The company has acknowledged the incident in a statement to the local Wisconsin Green Bay Press-Gazette, but did not provide any details about the type of attack that occurred. 

The statement indicated the company's email server and some network operations remain off-line and that it is working with US federal agencies and partners to investigate the incident. Fincantieri Marine experienced the attack in the early morning hours of April 12, when large chunks of data on the shipyard’s network servers were rendered unusable by an unknown hacking group.

In a typical ransomware attack, attackers take the information on a server, encrypt it and set terms for a key that will unlock the data.

The attack targeted servers that held data used to feed instructions to the shipyard’s computer numerical control manufacturing machines, knocking them offline for several days. CNC-enabled machines are the backbone of modern manufacturing, taking specifications developed with design software and sending instructions to devices like welders, cutters, bending machines and other computer-controlled tools. It remains unclear if the attackers stole any critical defence data.

The disclosure of  attack comes a few days after a UK security agency warning of “state-aligned” Russian groups that might attack on critical national infrastructure.

Cyber attacks are an increasing threat and the defence industrial base is a critical target. Fortunately, more companies are refusing to hope the risk goes away and are more widely complying with government requests to disclose incidents and provide information.

Green Bay Press-Gazette:    USNI:     Infosecurity Magazine:     Clearance Jobs:    MSN:     Yahoo:  

You Might Also Read:

US Defense Contractors Don't Meet Basic Cyber Security Standards:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Open Source Software In The Cloud
NSA Warning: China Is Stealing AI Technology »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Wall Street Technology Association (WSTA)

Wall Street Technology Association (WSTA)

The Wall Street Technology Association (WSTA) provides financial industry technology professionals with forums to learn from and connect with each other.

Q-CERT

Q-CERT

Q-CERT is the National Computer Security Emergency Team of Qatar.

Nexis

Nexis

Nexis GmbH is a German IT security company specializing in IAM, access control, and risk management.

Lirex

Lirex

Lirex offer consulting and outsourcing services, complete design, construction and maintenance of ICT solutions and systems including cybersecurity.

Valire Software

Valire Software

Valire provide a solution for the automated detection of internal fraud.

Orca Security

Orca Security

Orca Security delivers full stack visibility including prioritized alerts to vulnerabilities, compromises, misconfigurations, and more across your entire inventory on all your cloud accounts.

Ukrainian Academy of Cyber Security (UACS)

Ukrainian Academy of Cyber Security (UACS)

UACS is a professional non-profit public organization established to promote the development of an extensive network and ecosystem of education and training in the field of cyber security.

Informer

Informer

Informer provides an Attack Surface Management SaaS platform alongside penetration testing services. We combine machine learning and human intelligence to reduce cyber risk.

KrCERT/CC

KrCERT/CC

KrCERT/CC is the National Computer Emergency Response Team in Korea.

Theta432

Theta432

THETA432 is a cybersecurity firm that provides 24/7/365 managed prevention, detection, response, Hybrid SOC, cyber defense monitoring services with dynamically defined defense (3D™).

QA Consultants

QA Consultants

QA Consultants is North America’s largest software quality engineering services firm, an award-winning onshore provider of software testing and quality assurance solutions.

Dig Security

Dig Security

Dig Security offers the first data detection and response (DDR) solution, providing real-time visibility, control and protection of your data assets across any cloud.

BAE Systems

BAE Systems

BAE Systems develop, engineer, manufacture, and support products and systems to deliver military capability, protect national security, and keep critical information and infrastructure secure.

Strivacity

Strivacity

Strivacity lets brands quickly add secure login and identity management capabilities to their customer-facing applications without tying up an army of developers or consultants to do it.

Google Safety Engineering Center (GSEC)

Google Safety Engineering Center (GSEC)

GSEC Málaga is an international cybersecurity hub where Google experts work to understand the cyber threat landscape and to create tools that keep users around the world safer online.

Aegis9

Aegis9

Aegis9 is an Australian owned and sovereign consultancy that specialises in providing tailored security solutions for both public and private sector clients based on their specific needs.