In a digital age when ships navigating the seas are as dependent on technology as they are on winds and tides, a cyberattack on a key software supplier can cripple a significant portion of the shipping industry.
DNV, a Norwegian software supplier that provides services for thousands of ships worldwide, experienced a ransomware attack on January 7, 2023, affecting approximately 70 customers who operate around 1,000 shipping vessels.
The attack targeted the company's ShipManager servers, which are used for fleet management and allow customers to monitor the operational, technical, and compliance features of a shipping fleet. DNV shared a statement on the incident:
"DNV's ShipManager servers were victim of a ransomware cyberattack on the evening of Saturday 7 January. DNV experts shut down the servers immediately in response to the incident. All vessels can still use the onboard, offline functionalities of the ShipManager software, other systems onboard the vessels are not impacted. The cyberattack does not affect the vessels’ ability to operate."
DNV stated there are no indications that any other data or servers by DNV are affected and that the server outage has not impacted any of its other services.
The company promptly reported the attack to the Norwegian Police and other relevant authorities, and is working closely with global IT security partners to investigate the incident. It is also in contact with affected customers and has advised them to consider mitigating measures depending on the types of data they have uploaded to the system.
The company also informed the impacted parties about their responsibility to notify the relevant data protection authorities in their countries of the incident.
It is important to note that the attack targeted DNV's ShipManager software only, which is used by more than 7,000 vessels owned by 300 customers, according to the company's website.
