Skip to main content

Hurtigruten global IT systems hit by cyber attack

14 December 2020

Norwegian ferry company Hurtigruten had its global IT systems knocked out by a cyber attack on Monday (14 December).

The company said in a statement that the attack took down several systems. It is working with authorities and partners to limit the extent and scope of the damage.

Hans Sande, director of officers' union NSOF, said it was unclear how far into the company's servers the attackers had gone. 'It was the web page that has been attacked and they don't know how far into the servers they got. They wouldn't say.

'The company is providing only minimal information. The ships are running normally as far as we know,' Mr Sande said.

Norwegian Seafarers' Union director of cruise operations Lena Dyring said the attack was a 'developing situation' and that the union was not aware if it had affected crew or operations.

Hurtigruten IT director Ole-Marius Moe-Helgesen said: 'It's a serious attack. Hurtigruten's entire global infrastructure seems to be affected. The company has implemented extensive measures to limit the extent of the damage.'

Its priority was to ensure safe operations for crews and passengers, he said.

Mr Sande added: 'A lot of systems communicate with the vessel so these types of attack always generate concern. That’s why cyber security is a priority for the Norwegian government in the future. It’s happening more and more.'

National broadcaster NRK reported that the attack had knocked out the website and email system. It said the company believed it was a ransom attack.

The Norwegian National Security Authority (NSM), a cross-sectoral professional and supervisory authority, reported in September that the Norwegian Parliament and several companies (public and private sector) had been cyber attacked.

The NSM provides assistance with analysis, advice and technical help. Bente Hoff of the NSM said there are increasing attempts at cyber attacks and companies and individuals alike are urged to implement preventative measures.

These include two-step authentication and having a unique password per service. Companies should limit the number of attempts at logging in to accounts before they are locked, and increases in the number of locked accounts should be monitored. Security updates should always be undertaken as soon as they become available.