DNV, a Norwegian shipping classification society, has confirmed that its systems were affected by a ransomware attack that affected around 1,000 ships that rely on its technology.
Oslo-based DNV said in a statement Wednesday that its ShipManager software was the target of file-encrypting malware on Jan. 7, forcing the organization to shut down its servers. ShipManager is fleet management software that enables DNV shipping customers to oversee the operational, technical and compliance functions of a fleet of ships and is used by more than 7,000 vessels owned by 300 customers, according to the company’s website.
DNV said 70 customers operating around 1,000 vessels were affected by the attack, almost 15% of its entire fleet.
In a statement to TechCrunch, DNV spokeswoman Margrethe Andersen confirmed that all affected ships will still be able to use the offline capabilities of the ShipManager software onboard. “The cyber attack has no impact on the operational capability of the ships,” said Andersen.
DNV also says it is confident other DNV servers will not be affected. However, when asked whether data was compromised as a result of the attack, the company declined to comment. DNV also declined to say whether the attack would cause delays for ships and their cargo on board.
According to the company, it is cooperating with the police. “We cannot release any information that could affect or delay the investigation,” the spokesman said.
It’s unclear how DNV was compromised, whether the company received a ransom note, or who was behind the attack. TechCrunch checked the websites of several major ransomware groups but found no mention of DNV.
“DNV is working closely with global IT security partners to analyze the incident and ensure secure online operations as soon as possible,” the company said. “All affected customers have been advised to consider relevant remedial actions based on the nature of the data they have uploaded to the system.
The ransomware attack on DNV is one of many that have impacted the shipping industry in recent weeks. The Port of Lisbon, the third largest shipping port in Portugal, was the target of a LockBit ransomware attack on Christmas Day.