The Norwegian classification society DNV has been attacked by ransomware (opens in a new tab) an attack that forced the company to shut down some servers.
The attack affected around 1,000 ships using DNV’s ShipManager software, a tool customers use to monitor various functions of their transport fleets.
DNV says around 300 companies use the tool to manage over 7,000 vessels. Of these, 70 companies managing around 1,000 vessels were affected by the incident – around 15% of the entire fleet.
Unknown attackers
The software’s onboard and offline functions can still be used, the company added, adding that the ransomware attack did not affect other systems on board the ships. In addition, ships can still operate.
Apart from the ShipManager servers, other servers and other data were also unaffected, the company said.
Other details of the event are missing. The company did not say which group was behind the attack or how the ransomware was deployed (whether malware, phishing or social engineering was used in the attack). No group has yet claimed responsibility for the attack.
We also don’t know the ransom demand or deadlines, as the company declined to comment on the possibility of sensitive data being stolen, and also declined to say whether the attack would cause any delays to ships and cargo.
However, DNV has confirmed that police and other law enforcement agencies have been notified.
“The attack was reported to the Norwegian police, who informed the relevant police services. It has also been reported to the Norwegian National Security Authority, the Norwegian Data Protection Authority (DPA) and the German Cybersecurity Authority. All affected customers have been notified of their obligation to notify the relevant data protection authorities in their countries,” the organization said.
Through: TechCrunch (opens in a new tab)