E-Threats Industry News

Cruise line operator Hurtigruten crippled in ransomware attack

Cruise line operator Hurtigruten crippled in ransomware attack
  • IT systems worldwide said to be affected
  • Business, already suffering during pandemic, now has a cyber attack to contend with

Norwegian shipping and cruise line Hurtigruten has revealed it is the latest maritime firm to suffer at the hands of cybercriminals, following a crippling ransomware attack that it sustained on Monday leaving some of its systems down around the world.

Prospective travellers visiting the company’s website are currently met with a terse message: “Sorry, the website isn’t working right now”

The company’s IT chief, Ole-Marius Moe-Helgesen, described the incident as “a serious attack” gainst its global IT infrastructure, according to a report by Reuters.

It’s not been a good year for Hurtigruten, as the global pandemic has understandably impacted its business activities, forcing it to suspend its cruise operations and laying off hundreds of employees.

No details have been shared of the strain of ransomware which has hit the firm, but in the very best scenario it will be juggling whether to pay its extortionists a handsome fee in order to have its data decrypted or attempt to restore its systems from its own backups.

In the worst case it may also be facing the possibility that its attacks have exfiltrated sensitive data and are threatening to release it publicly if a ransom is not paid in a timely fashion, potentially damaging Hurtigruten’s image further and its relationships with customers and partners.

Clearly the cruise line is not feeling entirely despondent, however. Hurtigruten has told the Oslo Stock Exchange in a statement that it does not “expect a material financial effect from the cyber attack.”

Hurtigruten says that it is working with the Norwegian authorities to investigate the scale of the incident, and limit its impact within the organisation.

Other maritime victims of cyber attack include cruise line operator
Carnival, shipping giant CMA CGM, and the United Nations International Maritime Organisation (IMO).

About the author


Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.