>
The Norwegian ship classification society DNV has been hit by ransomware (opens in new tab) attack that forced the company to shut down some of its servers.
The attack affected about 1,000 ships using DNV’s ShipManager software – a tool its customers use to monitor various characteristics of their ship fleets.
DNV says some 300 companies use the tool to manage more than 7,000 vessels. Of that number, 70 companies managing some 1,000 vessels were affected by the incident – about 15% of the total fleet.
Unknown attackers
On board, offline functionalities of the software can still be used, the company further said, adding that other systems on board the ships are not affected by the ransomware attack. Furthermore, the ships can still sail.
In addition to the ShipManager servers, other servers and other data were also not affected, the company said.
Other details about the incident are missing. The company did not say which group was behind the attack, or how the ransomware was deployed (whether malware, phishing or social engineering was used in the attack). No groups have yet taken responsibility for the attack.
We also don’t know the ransom demanded, or the deadlines, as the company has declined to comment on the possibility of sensitive data being stolen, and declined to say whether the attack would cause delays to ships and cargo.
However, DNV has confirmed that police and other law enforcement agencies have been notified.
“The attack has been reported to the Norwegian police, who have informed the relevant police forces. It was also reported to the Norwegian National Security Authority, the Norwegian Data Protection Authority (DPA), and the German Cybersecurity Authority. All affected customers have been advised of their responsibility to notify the relevant data protection authorities in their country,” the organization said.
Through: TechCrunch (opens in new tab)