Norway

DNV confirms it has taken its ShipManager software product offline after the services’ IT servers had been the victim of a cyberattack. DNV reports that it has advised customers. In response to the incident the company shut down ShipManager’s IT servers on the evening of Saturday, January 7. Affected customers have been informed of a 24/7 support hotline. Ironically, DNV promotes awareness and advises customers on steps to take to identify cyber threats and protect an organization’s data.

ShipManager is a software solution used by shipping companies to oversee the technical, operational, and compliance aspects involved in vessel and fleet management.

Amedia, the largest local news publisher in Norway, said December 28 several of its central computer systems were shut down in what it is calling an apparent “serious” cyberattack.
The attack is preventing the company from printing the next day's edition of the newspapers, and presses were halted until the issue was resolved. The hack impacted the company’s advertising and subscription systems, preventing advertisers from purchasing new ads and stopping subscribers from ordering or canceling subscriptions.
The company said it is unclear whether personal information has been compromised—the subscription system affected by the attack contains names, addresses, phone numbers, and subscription history of customers. Data such as passwords, read history, and financial information are not affected, the company said.

Nortura has been the victim of a computer attack. We have therefore decided to shut down our IT systems and remove Internet access at our locations to minimize possible damage to systems and operations.
The result is the activity at several factories and expeditions has been reduced until further notice.
We are now working to get a complete overview of the situation and the extent, as well as make plans to deal with the consequences of the situation that has arisen. The priority is securing data and stabilizing the systems.

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

A computer virus infected at least one of its businesses’ IT systems. The corporation said the security incident had hampered some production in its pharmaceutical business, which makes everything from nutritional products and infusion therapies to pain relievers that are in high demand during the coronavirus pandemic

Production lines had stopped at some of its 170 plants.

The ransomware LockerGoga blocked the company’s systems, forcing a switch to manual operations and workarounds. The Extruded Solutions unit, which makes components for car manufacturing, construction and other industries, reduced its output by 50%. Administrative systems, such as reporting, billing and invoicing, suffered delays. It took Norsk Hydro several weeks to bring operations back to normal.