Earlier this month, the Wisconsin shipyard that builds the United States Navy’s Freedom-class Littoral Combat Ship, as well as the Constellation-class guided-missile frigate was targeted in a ransomware attack.
The littoral combat ship USS Freedom (LCS 1) is underway conducting sea trials off the coast of Southern California. Freedom, the lead ship of the Freedom variant of LCS, is expected to deploy to Southeast Asia this spring. (U.S. Navy photo by Mass Communication Specialist 1st Class James R. Evans/Released)
What We Know
Fincantieri Marinette Marine experienced the attack in the early morning of April 12, when large chunks of data on the shipyard’s network servers were rendered unusable by an unknown professional group, USNI News first reported.
Though it was not a serious cyberattack, it reportedly caused a production delay across the shipyard.
The compromised data is used to feed instructions to the shipyard’s computer numerical control (CNC) manufacturing machines, resulting in devices like welders, cutters, bending machines, and other computer-controlled tools being offline for several days. By the end of last week, some of the CNC machines were back in operation, while repair and construction operations continue,
However, as of Friday, email and some networked operations remained offline.
“Fincantieri Marine Group experienced a cybersecurity incident last week that is causing a temporary disruption to certain computer systems on its network. The company’s network security officials immediately isolated systems and reported the incident to relevant agencies and partners. Fincantieri Marine Group brought in additional resources to investigate and to restore full functionality to the affected systems as quickly as possible,” Fincantieri spokesman Eric Dent said via a statement.
It is currently unclear if the attackers stole any sensitive data on the vessels or processes at the shipyard.
These Attacks Aren’t Going to Go Away
Cybersecurity experts warned that such attacks are now on the rise.
Last week, researchers at Microsoft Threat Intelligence warned that an Iranian hacking group may now target critical U.S. infrastructure.
In addition, Huntington Ingalls Industries, Inc. filed a notice of data breach with the Maine Attorney General after learning that an unauthorized party accessed confidential consumer information stored on the company’s computer network.
However, this ransomware attack highlights the vulnerabilities of the country’s defense industrial base.
“This ransomware attack on the Fincantieri Marinette Marine shipyard disrupted operations across the shipyard by rendering data on network servers unusable, impacting critical CNC manufacturing machines,” Carol Volk, executive vice president at cybersecurity firm BullWall, told 19FortyFive via an email.
“This highlights the potential impact of cyber attacks on industrial control systems and the need for robust detection mechanisms to identify and respond to such threats promptly. Even if data theft did not occur, the disruption caused by the attack can have significant operational and financial implications,” warned Volk.
Pay Up?
Ransomware attacks are also expected to increase this year. Iran, as well as Russia, China, and North Korea, remain some of the largest threats.
“In addition to seeing ransomware groups with financial gain as their main goal, we also see ransomware applied as a way to divert attention when attackers are creating a ‘smoke screen’ with different objectives in mind, such as propagating through the network and creating backdoors for other more lucrative motivations, added Roy Akerman, co-founder & CEO of cybersecurity provider Rezonate.
“Especially here, in the case of the U.S. Navy where there is an increased risk of ransomware being the first visible risk while other true intentions remain stealthy,” Akerman told 19FortyFive via an email.
As attackers aren’t likely to let up, now isn’t the time to let the guard down, the cybersecurity researchers warned.
“While preventative measures are crucial, it is important to acknowledge that motivated cybercriminals are constantly evolving their tactics and can often stay one step ahead,” said Volk. “As such, detection and containment capabilities should be considered as ‘must have’ defenses in addition to preventative measures.”
MORE: Video – Ukraine Has Massive New NATO ‘Cannon’ Ready To Fight Russia
MORE: ‘Americans Will Pay The Price’: One Democrat Is Angry At Joe Biden
MORE: Could Joe Biden Get Impeached?
Author Experience and Expertise
A Senior Editor for 19FortyFive, Peter Suciu is a Michigan-based writer. He has contributed to more than four dozen magazines, newspapers, and websites with over 3,200 published pieces over a twenty-year career in journalism. He regularly writes about military hardware, firearms history, cybersecurity, politics, and international affairs. Peter is also a Contributing Writer for Forbes and Clearance Jobs. You can follow him on Twitter: @PeterSuciu.
