Following the ransomware cyber-attack on DNV's dedicated ShipManager servers on January 7th, all users are back online. Police investigation continues.
DNV experienced a ransomware cyber-attack on its ShipManager servers on the evening of Saturday, January 7th. DNV experts shut down the servers immediately in response to the attack. The server outage did not impact any vessels’ ability to operate. All ships could still use the onboard, offline functionalities of the ShipManager software, and no other systems onboard were impacted.
Following the cyber-attack the ShipManager server environment had to be rebuilt, and while users are back online the work to resume full scope of service is ongoing.
The ShipManager servers are isolated from the rest of DNV's IT infrastructure. The forensic investigation conducted by global IT security partners confirmed that no other parts of the DNV IT-infrastructure was affected as part of the attack. DNV user accounts, emails and all other services were not affected by the incident.
DNV continues to have a regular dialogue with all affected ShipManager customers. These customers have been advised to consider relevant mitigating measures depending on the types of data they have uploaded to the system. All affected customers were informed about their responsibility to notify relevant Data Protection Authorities in their countries.
The cyber-attack was reported to the Norwegian Police, who are still investigating the attack and have informed relevant police agencies. The attack was also reported to the Norwegian National Security Authority, the Norwegian Data Protection Authority (DPA) and the German Cyber Security Authority.
DNV’s marine fleet management software solution supporting management of vessels and fleets in all technical, operational and compliance aspects. This is a modularized solution, so customers can choose individual modules or a complete ship management system that covers all needs.
This article was first published 09.01.2023 and was last updated 15.03.2023