Collaboration is key to step-by-step decarbonisation of transport
Decarbonising transport will require a new level of collaboration, according to speakers at today’s launch ...
GM: GAUGING RISKGXO: NEW BOT PARTNERWMT: CAPEX IN CHECKWMT: CFO ON AUTOMATION WMT: SPOTLIGHT ON AUTOMATIONHD: PRESSURE BUILDSFWRD: REVISED EBITDA MAERSK: TESTING ONE-MONTH HIGHFDX: UP UP AND AWAYRXO: COYOTE DEAL TAILWINDDSV: NEW REFI DEALR: WEAKENING AMZN: LIFESTYLE BATTLEKNIN: EXPANDED NETWORK OF CROSS-DECK FACILITIES
GM: GAUGING RISKGXO: NEW BOT PARTNERWMT: CAPEX IN CHECKWMT: CFO ON AUTOMATION WMT: SPOTLIGHT ON AUTOMATIONHD: PRESSURE BUILDSFWRD: REVISED EBITDA MAERSK: TESTING ONE-MONTH HIGHFDX: UP UP AND AWAYRXO: COYOTE DEAL TAILWINDDSV: NEW REFI DEALR: WEAKENING AMZN: LIFESTYLE BATTLEKNIN: EXPANDED NETWORK OF CROSS-DECK FACILITIES
In the wake of Saturday’s cyber-attack, DNV has told The Loadstar 70 companies and some 1,000 vessels could have been affected by what proved to be a ransomware incident.
The classification society, that ironically bought a digital security firm, Auvaro, in October, was however unable to clarify how many of the 1,000 or so ships using its ShipManager software have been affected.
DNV was also reticent to clarify how the ransomware programme had gained access to its systems, claiming it would jeopardise police investigations. This means it is not yet clear whether the programme hit DNV ShipManager through land-side infiltration or via a ship.
The Norway-based firm was also unwilling to say which ships or ship types were affected, or how, or if it meant the ships and their cargo would be delayed.
“I’ve been involved in exercises for vessels wherein the question was asked, ‘if a vessel is compromised, can they also compromise the shore and other vessels’ and the answer was ‘yes’,” explained Ken Munro of ‘white-hat hacker’ firm PenTestPartners.
“The question is a significant one, as it will have implications for assigning liability,” he added. “It may be that someone put some ransomware on a ship and it propagated through ShipManager and has taken down the shore systems as well.
“The bad bit, if it is shore-based, is really on DNV itself – the firm should have done a better job of making sure the systems were secure.”
A DNV spokesperson told The Loadstar: “We can confirm it was a ransomware attack. To supplement the 70 clients impacted I can confirm this includes around 1,000 vessels.”
Ransomware programmes are designed to make every kind of IT equipment unusable and the attackers demand payment in bitcoin to reinstate the system. Ransomware is designed to be omnivorous and “opportunistic”, noted Mr Munro, meaning that “…it is very unlikely that DNV was deliberately targeted.
Comment on this article