Marinette Marine Shipyard Ransomware Attack Delays Operations

According to US Naval Institute News, on April 12th the Fincantieri Marinette Marine shipyard that builds the U.S. Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate fell victim to a ransomware attack last week that has disrupted operations across the shipyard.

On the morning of the attack, large chunks of data on the shipyard’s network servers were rendered unusable by an unknown professional group. The compromised data is used to feed instructions to the shipyard’s computer numerical control (CNC) manufacturing machines, resulting in devices like welders, cutters, bending machines and other computer-controlled tools being offline for several days. 

As of yesterday afternoon, it is believed that some of the CNC machines at Marinette are again operational, and repair and construction operations continue, but email and some networked operations remain off-line for now.

Based on information from the Navy, it’s unclear if the attackers stole any data.

Carol Volk, EVP , BullWall had this to say:

   “This ransomware attack on the Fincantieri Marinette Marine shipyard disrupted operations across the shipyard by rendering data on network servers unusable, impacting critical CNC manufacturing machines. This highlights the potential impact of cyber attacks on industrial control systems and the need for robust detection mechanisms to identify and respond to such threats promptly. Even if data theft did not occur, the disruption caused by the attack can have significant operational and financial implications.

   “While preventative measures are crucial, it is important to acknowledge that motivated cybercriminals are constantly evolving their tactics and can often stay one step ahead. As such, detection and containment capabilities should be considered as “must have” defenses in addition to preventative measures.”

Roy Akerman, Co-Founder & CEO, Rezonate follows with this:

   “In addition to seeing ransomware groups with financial gain as thier main goal, we also see ransomware applied as a way to divert attention when attackers are creating a “smoke screen” with different objectives in mind, such as propagating through the network and creating backdoors for other more lucrative motivations. Especially here, in the case of the U.S. Navy where there is an increased risk of ransomware being the first visible risk while other true intentions remain stealthy.”

Hopefully the Navy figures out what happened and if the attackers stole the data. Because this will indicate how bad this ransomware attack truly is. Which given what this shipyard does, is something that we all have the right to know.

Leave a Reply

%d bloggers like this: