Hurtigruten Becomes Latest Shipping Company to Suffer Cyberattack

Hurtigruten systems down cyberattack
(file photo)

Published Dec 14, 2020 2:57 PM by The Maritime Executive

The Norwegian shipping company Hurtigruten has become the latest maritime company to suffer a crippling cyberattack. The line’s worldwide systems are reported to be down with the company sending out messages on social media saying its systems and phones were currently offline. Users going to the company’s website are seeing a simple message, “Sorry, the website isn't working right now.”

In a brief statement to the Oslo Stock Exchange, Hurtigruten reported that “Several key systems are currently down,” as a result of the cyberattack that occurred early this morning. The company said it was cooperating with the Norwegian authorities and partners to obtain an overview of the situation and to limit the spread and damage of the attack.

In a statement to Reuters, the company’s head of IT Ole-Marius Moe-Helgesen called it a “serious attack,” without providing additional details. He told the media that the company had implemented “comprehensive measures” to limit the damage from the attack.

While Hurtigruten’s cruise ships remain idled, the company continues to maintain its vital coastal service transporting passengers and goods. This service had been limited by travel restrictions related to the pandemic, but Hurtigruten recently announced that it had signed an agreement with the Norwegian government to increase capacity on the coastal route. During the first quarter, the company has agreed to maintain operations with a total of five ships. Starting in October, Hurtigruten had limited the coastal service to just two ships focusing on the northern ports between Bodo and Kirkenes. Many of the coastal communities that depend on the ships were only going to have a ship arriving every five to seven days down for the traditional daily service.

Hurtigruten joins the ranks of many of the other major shipping companies that have suffered a cyberattack. Carnival Corporation reported a breach on its servers exposing consumer data while shipping giant CMA CGM also suffered a crippling attack at the end of September. Initially, CMA CGM thought it had been able to limit the attack to peripheral servers. Its online bookings and other key functions were offline for two weeks, resulting in customers reporting chaos as the line struggled to restore and harden the systems. The IMO was also briefly taken offline by malware. 

Globally, there has been an increase in the reports of attacks with some estimates putting the cost at over $2 trillion in 2019. According to industry professionals, there has been a 300 percent increase in cyberattacks since the beginning of the Covid-19 pandemic and the shipping industry has not been spared.