After 70 customers were affected by the attack on 7 January, the classification society said a police investigation into the incident continues
"Following the cyber attack, the ShipManager server environment had to be rebuilt, and while users are back online, the work to resume full scope of service is ongoing," DNV said.
"The ShipManager servers are isolated from the rest of DNV’s IT infrastructure. The forensic investigation conducted by global IT security partners confirmed no other parts of the DNV IT-infrastructure was affected as part of the attack. DNV user accounts, emails and all other services were not affected by the incident."
DNV said it continues to have a regular dialogue with all affected ShipManager customers.
"These customers have been advised to consider relevant mitigating measures depending on the types of data they have uploaded to the system. All affected customers were informed about their responsibility to notify relevant Data Protection Authorities in their countries," DNV said.
DNV said it reported the cyber attack to the Norwegian Police, who are still investigating the attack. The attack was also reported to the Norwegian National Security Authority, the Norwegian Data Protection Authority and the German Cyber Security Authority.
18 January
DNV has published a second update regarding the cyber attack it is still attempting to recover from, saying servers remain offline for the ShipManager software affected by the attack.
"DNV is working to restore the functionalities of the dedicated ShipManager servers, following a ransomware cyber attack on 7 January. External technical experts have been engaged to investigate the attack, which has also been reported to the police and other relevant authorities," the company said.
The company said there remain no indications any of its other software or data has been affected by the attack and the server outage is limited to the ShipManager platform.
"DNV is communicating daily with all 70 affected customers to update them on findings of the ongoing forensic investigations. In total, around 1,000 vessels are affected. We apologise for the disruption and inconvenience this incident may have caused," the company statement said.
9 January
DNV confirmed its ShipManager software was hit by a cyber attack 7 January and it has shut down ShipManager’s IT servers in response to the incident.
"All users can still use the onboard, offline functionalities of the ShipManager software. At this point in time, there are no indications any other software or data by DNV is affected," DNV posted on its corporate website.
DNV said its own experts are working closely with the company’s global IT security partners to investigate the incident and to put in place a technical recovery plan.
DNV’s ShipManager product is sold through Norway-based DNV AS, and DNV said it is in dialogue with the Norwegian police about the incident.
The company said it will ensure operations are online "as soon as possible" and "affected customers have been informed of a 24/7 support hotline".
"We apologise for the disruption and inconvenience this incident may have caused," the DNV statement said.
The maritime industry has seen a number of high-profile attacks in recent years, the most recognised of them involving shipping behemoth Maersk in 2017.
More recently, Singapore-based ship and offshore rig building specialist Sembcorp Marine reported a cyber incident and its resulting security response in August 2022. The company said the cyber attack involved an unauthorised party accessing part of its IT network via third-party software products.
In October 2022, a study published in Marine Policy journal argued there is an urgent need for comprehensive and innovative international maritime security laws to address cyber security threats.
Queensland University of Technology maritime security law expert and associate professor Saiful Karim said the rapid increase in cyber attacks on the maritime industry during the Covid pandemic highlighted the inadequacies of the existing international legal framework and the urgent need for comprehensive and innovative international maritime cyber-security laws.
“Ports, ships, maritime supply chains and major offshore infrastructure including oil and gas installations are vulnerable to cyber attacks. The international maritime industry relies on cyber systems for all aspects of operation and management and may face cyber attacks from so-called activists, terrorists and transnational cyber criminals,” Dr Karim said.
Sign up for Riviera’s series of technical and operational webinars and conferences in 2023:
© 2023 Riviera Maritime Media Ltd.