Maritime Cyber-attack: DNV ShipManager Incident

Maritime Cyber-attack: DNV ShipManager Incident

Incident Date : 2023 | Topic : Cyber | Region : Europe | Tag : Case Study
In recent years, cyber-attacks have become a significant concern for organizations across various industries. Another recent incident that we were exposed to was the cyber-attack on DNV’s ShipManager system.
The shipping industry relies heavily on technology, with vessels and operations relying on computer systems for navigation, communication, and other essential functions. Cyber-attacks on these systems can result in loss of control, navigation errors, and other dangerous situations. Additionally, attacks on software systems like DNV’s ShipManager can disrupt operations and lead to financial losses.
On the evening of Saturday, 7 January, DNV, a Norwegian provider of industrial risk management and assurance solutions, reported that 1,000 ships were impacted by a recent ransomware attack on its ship management software.
DNV provides a wide range of services for the maritime, power, oil and gas, automotive and aerospace, food and beverage, and healthcare industries. The company’s ShipManager software for the maritime sector is designed for ship management operations and ship design. According to DNV’s data, over 7,000 vessels owned by around 300 customers use ShipManager and Navigator solutions.
DNV experts shut down the servers immediately in response to the incident, and there are no indications that any other data or servers by DNV are affected. DNV stated that all users could still use the software’s onboard and offline features. However, this could cause confusion and disruption within the shipping industry and threaten the safety of vessels and crew.
To date, it remains unclear which ransomware group is behind the attack and whether any data has been stolen.
This incident highlights the danger of damage to critical infrastructures by cyber-attacks. Critical infrastructure includes all of the assets, systems, and networks – physical and virtual – that are essential to the proper functioning of a society’s economy, national public health or safety, security, or any combination of the above.
Critical infrastructures, such as shipping, which is responsible for most parts of the global supply chain, are essential to the functioning of society and the economy. Therefore, disruptions to these infrastructures can have far-reaching and severe consequences, not just for the organizations affected bat also for the public.
Another example from the past that illustrates the scope of the risk in an attack on that industry, is the infamous NotPetya attack on Maersk in 2017, which is remembered as one of the first major cyber-attacks on shipping, was actually targeted elsewhere and only incidentally caused $300m in damages to the world’s largest shipping company, as well as costing TNT $400m. Globally, the attack has caused damages worth approximately $10 billion, including in Russia, from where it originated.
To protect against these attacks, organizations must take a proactive approach to cybersecurity and have incident response plans in place. It is crucial to consider the consequences of an attack on society and the economy, not just the organization itself.
Another incident occurred recently on January 11, when the NOTAM system failed, causing more than 11,000 flights to be delayed and more than 1,300 to be canceled across the United States. Later, the agency reported that certain files were damaged by employees who failed to follow procedures.
This incident demonstrates the vast implications of failure in a computer system in critical infrastructure and, in that case- the transportation industry.
Cyber threats against critical infrastructure are forecasted to increase over the coming years. It is the responsibility of government and private industry to remain ever cognizant of the responsibility they shoulder and therefore remain ever vigilant in their efforts to prevent current and upcoming threats. In order to achieve maximum resilience, security managers must monitor both physical and cyber threats simultaneously. The cost of failure is too high.
ASERO Worldwide is an expert in cyber security, securing complex models, critical infrastructure protection, critical information infrastructure protection, and risk assessment.
Our best practice solutions have been derived from several successful national and large-scale projects in the public and private sectors throughout the world.