DNV Discloses Ransomware Attack That Affected Ships At Sea

DNV, a maritime software supplier, has disclosed that it is the victim of a ransomware attack that has affected about 1,000 vessels. The ransomware attack took place on the evening of January 7th. In response to the incident, the company has shut down the IT servers connected to the ShipManager system operated by the company. At this time, the company has yet to disclose the strain of ransomware that infected its systems.

Dr. Darren Williams, CEO and Founder, BlackFog, has offered perspectives on this news:

     “Although the strain of ransomware used in this attack is still to be officially declared, the first major concern that comes to mind in relation to the attack at Maritime DNV is it adds yet another critical infrastructure victim to the list. With a global war at play and the DNV holding a global market share of 21% of the solutions and services of any maritime vessel, suppliers such as the DNV are ideal victims for attackers due to the large-scale disruption they can potentially cause.

As we wait for more details on the DNV attack, we can be confident that data exfiltration and extortion were a motive for the currently unknown attackers. With 89% of all publicly disclosed attacks in 2022 exfiltrating data, it’s evident that bad actors have moved on from encryption well and truly. The escalation and severity of the attacks we are seeing on a regular basis clearly demonstrate that older technologies relied on by organizations are insufficient when it comes to preventing ransomware. 

In any case, once access to a system is gained by attackers, it is only a matter of time before ransomware is deployed. In addition to reporting the incident to the authorities and shutting its IT servers down, as the Norwegian supplier has done, organizations must refuse to pay the ransom where possible, and focus on preventing data exfiltration to put a stop to ransomware and extortion. Fortunately, third-generation cybersecurity tools have been specially designed to do this. Organizations adding this technology to their cybersecurity stack in 2023 will stay out of the ransomware headlines while attackers move on to less protected companies.”

This shows the effects of a ransomware attack can be downstream in nature. Which makes stopping ransomware attacks of paramount importance.

Leave a Reply

%d bloggers like this: