[BreachExchange] Norwegian Cruise Company Hurtigruten Hit by Cyberattack

[Destry Winant]

https://www.securityweek.com/norwegian-cruise-company-hurtigruten-hit-cyberattack

Norwegian cruise company Hurtigruten announced Monday that it had been
hit by a major cyberattack involving what appeared to be "ransomware",
designed to seize control of data to ransom it.

"It's a serious attack," said the company's chief digital officer
Ole-Marius Moe-Helgesen in a statement. "The entire worldwide digital
infrastructure of Hurtigruten seems to have been hit."

The company said it had alerted the relevant authorities when the
attack was detected overnight Sunday to Monday. "The attack seems to
be a so-called ransomware," Hurtigruten added.

Ransomware is a kind of malware -- malicious software -- that encrypts
the data of the target, locking the owner out of its own system until
the victim agrees to pay for a decryption key to let him back in.

The attack comes as the company, which like the rest of the cruise
liner industry is owned by private investors, is struggling with the
losses caused by the coronavirus pandemic.

The company tried to relaunch its cruisers in June but suspended them
again in September until the end of the year after dozens of crew
members and passengers were infected with the virus.

Europe's cruise liner sector has a turnover of 14.5 billion euros a
year and employs nearly 53,000 people, according to the Cruise Lines
International Association (CLIA).

The CLIA estimates that the damage wrought to the industry by
coronavirus-related shutdowns could cost it up to 25.5 billion euros
in revenue.