Major Ransomware Attack Disrupts Global Supply Chain Operations
A large-scale ransomware attack has targeted DNV, a leading provider of maritime software solutions, forcing the company to shut down key IT systems affecting 70 ship management clients worldwide. The incident, detected on January 7, 2025, disrupted operations for vessel owners and operators relying on DNV’s ShipManager software, which handles critical functions such as navigation, maintenance, and compliance.
DNV confirmed the attack involved LockBit ransomware, a notorious strain known for extorting high-profile victims. While the company stated that no ransom demand had been received as of the latest update, investigations are ongoing to assess the full scope of the breach. Initial reports indicate that backup systems were activated, minimizing downtime, but some clients experienced delays in accessing real-time vessel data.
The attack highlights the growing vulnerability of maritime infrastructure to cyber threats, a sector increasingly targeted due to its reliance on interconnected digital systems. DNV, headquartered in Norway, serves over 300,000 vessels globally, making this incident one of the most significant disruptions to maritime cybersecurity in recent years. Authorities, including Norwegian cybersecurity agencies, are assisting in the response, though no attribution to a specific threat actor has been confirmed.
The incident underscores the escalating risks to supply chains, where a single breach can cascade across multiple industries. Further details on data exposure and recovery timelines are expected in the coming days.
Source: https://cybersecurityventures.com/intrusion-daily-cyber-threat-alert/
DNV - Maritime cybersecurity rating report: https://www.rankiteo.com/company/dnv-maritime
"id": "DNV1770508746",
"linkid": "dnv-maritime",
"type": "Ransomware",
"date": "1/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': '70 ship management clients',
'industry': 'Maritime/Supply Chain',
'location': 'Norway',
'name': 'DNV',
'type': 'Maritime software provider'}],
'date_detected': '2025-01-07',
'description': 'A large-scale ransomware attack has targeted DNV, a leading '
'provider of maritime software solutions, forcing the company '
'to shut down key IT systems affecting 70 ship management '
'clients worldwide. The incident disrupted operations for '
'vessel owners and operators relying on DNV’s ShipManager '
'software, which handles critical functions such as '
'navigation, maintenance, and compliance.',
'impact': {'operational_impact': 'Disrupted operations for vessel owners and '
'operators; delays in accessing real-time '
'vessel data',
'systems_affected': 'ShipManager software (navigation, '
'maintenance, compliance systems)'},
'investigation_status': 'Ongoing',
'lessons_learned': 'Growing vulnerability of maritime infrastructure to cyber '
'threats; escalating risks to supply chains due to '
'interconnected digital systems',
'ransomware': {'ransom_demanded': 'None received as of latest update',
'ransomware_strain': 'LockBit'},
'response': {'containment_measures': 'Shut down key IT systems; activated '
'backup systems',
'third_party_assistance': 'Norwegian cybersecurity agencies'},
'title': 'Major Ransomware Attack Disrupts Global Supply Chain Operations',
'type': 'Ransomware'}