Cyberattack Forces DNV to Take ShipManager Service Offline
DNV is confirming that it has taken its ShipManager software product offline after the services’ IT servers had been the victim of a cyberattack. Proving the universal nature of the cyber threat, the irony of the situation is that through its consulting services, the company promotes awareness and advises customers on steps to take to identify cyber threats and protect an organization’s data.
Few details are being provided on the nature of the attack, but DNV reports that it has advised customers and in response to the incident shut down ShipManager’s IT servers on the evening of Saturday, January 7. The company apologized for the disruptions and inconvenience saying that customers were being provided with a support hotline.
“DNV experts are working closely with global IT security partners to investigate the incident and to put in place a technical recovery plan and will ensure operations are online as soon as possible,” the company said in a brief statement released on January 9. “At this point in time, there are no indications that any other software or data by DNV is affected.“
ShipManager is a software solution used by shipping companies to oversee the technical, operational, and compliance aspects involved in vessel and fleet management. DNV reports that more than 7,000 vessels owned by 300 customers use its ShipManager and Navigator solutions. The company is saying that while the online and cloud computing features are impacted by the servers being offline, all users can still use the onboard, offline functionalities of the ShipManager software.
In a white paper article posted to its cyber security website, DNV advises its customers that there are typically seven stages of a cyberattack counseling on the steps to be taken to increase protection. They however report that the motives for cyberattacks have changed.
“Increasingly, attacks target the disruption of services rather than seeking to steal data for financial gain,” DNV advises customers. They note that the hackers’ motives could involve stealing information on employees, customers, product designs, or an attacker could start to disrupt the target company’s operations. “Not all hackers are after monetizable data or incriminating emails that they can publish. Some simply want to cause chaos or to inflict pain on a company.”
It appears that the attack against DNV may be achieving that goal by forcing DNV to take the servers down for its popular software product. The company has given no indication that ransomware is involved or that any sensitive data has been compromised for itself or its users.
In addition to working with its security partners, DNV reports the company is also in dialogue with the Norwegian police about the incident.