Ransomware Attack on DNV Ship Management Software Impacts 1,000 Vessels

Norway‎-based industrial risk management and assurance solutions provider DNV said a recent ransomware attack on its ship management software impacted 1,000 vessels.

DNV revealed on January 9 that its ShipManager software was targeted in a cyberattack on January 7, which forced the company to shut down associated servers.

In an update shared on January 17, the company clarified that it was targeted in a ransomware attack that impacted 70 of its customers and roughly 1,000 vessels.

“There are no indications that any other software or data by DNV is affected. The server outage does not impact any other DNV services,” DNV said in a press release.

It’s unclear which ransomware group is behind the attack and whether any data has been stolen. SecurityWeek has checked the websites of several major groups, but found no mention of DNV. However, threat actors typically name victims and threaten to leak stolen data only after initial negotiations have failed.

[ Read: The Vulnerable Maritime Supply Chain – a Threat to the Global Economy ]

DNV provides a wide range of services for the maritime, power, oil and gas, automotive and aerospace, food and beverage, and the healthcare industries. The company’s ShipManager software for the maritime industry is designed for ship management operations and ship design.

DNV says on its website that 300 shipping companies worldwide use its maritime software for more than 6,000 vessels.

SecurityWeek talked to several experts last year about cybersecurity in the maritime industry, including attack vectors, the potential effects of maritime supply chain damage, threat scenarios, attacker motivations, and what the industry should do to address existing problems.

Related: ​​Maritime Cybersecurity: Securing Assets at Sea

Related: US Releases Cybersecurity Plan for Maritime Sector

Related: UN Maritime Agency Hit by ‘Sophisticated Cyberattack’