Image: Venti Views/Photomosh

Ransomware attack on maritime software impacts 1,000 ships

About 1,000 vessels have been affected by a ransomware attack against a major software supplier for ships. 

Oslo-based DNV – one of the world’s largest maritime organizations – said it was hit with ransomware on the evening of January 7 and was forced to shut down the IT servers connected to their ShipManager system. 

“DNV is communicating daily with all 70 affected customers to update them on findings of the ongoing forensic investigations. In total around 1000 vessels are affected,” DNV said in a statement on Monday. 

“All users can still use the onboard, offline functionalities of the ShipManager software. There are no indications that any other software or data by DNV is affected. The server outage does not impact any other DNV services.”

DNV said it is working with Norwegian police and IT security companies to respond to the incident. 

DNV is the world’s largest classification society – an organization that manages the technical certifications for the construction and operation of ships and offshore structures. More than 13,175 vessels and mobile offshore units are currently serviced by DNV – which brought in over $2 billion in revenue in 2021. 

The attack on DNV is the latest affecting the shipping industry. Two weeks ago, the Port of Lisbon was targeted by the LockBit ransomware group and Europe saw a string of ransomware attacks on ports throughout 2022

Oil companies Oiltanking and Mabanaft, both owned by German logistics conglomerate Marquard & Bahls, suffered a cyberattack that crippled their loading and unloading systems in February 2022. Oiltanking said it “declared force majeure” due to the attacks. 

In November, Secretary of the U.S. Department of Homeland Security Alejandro Mayorkas told Congress that the most significant threat to U.S. ports are cyberattacks.

“We are increasing the level of technology by which our ports operate and that is why not only Customs and Border Protection have a focus on cybersecurity but so does the United States Coast Guard,” Mayorkas said. 

“I would identify, with respect to our ports, cybersecurity, as a significant threat stream and we are of course very focused on defending against it and strengthening our cybersecurity.” 

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
What is Threat Intelligence
No previous article
No new articles
Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.