Cruise line ransomware
A ransomware has struck the largest cruise ship company in the world. It is suspected that customer records have also been compromised during the attack.
Carnival Corporation is an operator of over 100 cruise ships that operate under reknown brands such as Carnival Cruise, Princess Cruises, Costa Cruises and others. This week, the company informed the Securities and Exchange Commission (SEC) of US about an attack detected earlier on August 15th.
In its reports to SEC, Carnival confirmed that, so far, the investigation has shown that criminals have accessed and encrypted some of the company’s computer data and that a number of files have been downloaded. It has also been noted that unauthorized access to personal details from guests and employees has also likely to have happened during the security incident.
The company believes that the attack has been aimed only at one of its brands. However, it cannot provide guarantees that its other brands and their computer systems have not been affected.
Carnival has still not come out with official statement about which brand precisely has been compromised, how many clients could have been compromised, what personal data could have been leaked and what have been the ransom demands.
Carnival informed the SEC that it has notified the law enforcement immediately when it discovered the threat and that it has called for cybersecurity companies to improve the protection of their computer systems and assist in the investigation.
The attack of a ransomware infection is very specific since a specially developed malicious software is typically used to locate and encrypt data on the infected computer’s system. As soon as the targeted data has been successfully encrypted, the hackers behind the infection start to blackmail the system owner to pay a ransom for a decryption key in order to restore access to its locked data.
Incidents of this kind have very catastrophic consequences for businesses and individual users since they can take hostage of critical system information or data with great personal or professional value. The victims of ransomware usually have no choice but to pay the hackers if they want to continue operating and restore their information in the fastest possible way.
There are already a number of registered cases where, after suffering attacks caused by ransomware infections, big companies have paid substantial amounts of money as a ransom to recover their systems and set them running again.
Security experts advise web users and business owners to take the security warning seriously and to ensure that their computer systems are up-to-date in order to prevent falling victim to ransomware attacks. They also advise users to stop clicking on unverified links and to avoid downloading files and software from sketchy web locations and unknown developers.
When an organization is a target of a ransomware infection, it is typically safer to work with reputed security professionals that may offer comprehensive data-recovery methods rather than trusting the criminals behind the malware. It is also crucial for businesses operating with data to have reliable backup systems set in place in order to recover any data that may be lost due to a potential file-encrypting incident.