Ransomware Attack Hits Ship-Tracking Firm Royal Dirkzwager

A team of ransomware hackers have published proprietary inside data allegedly obtained the Dutch shipping intelligence agency Royal Dirkzwager, according to cybsersecurity trade press. The leak purportedly include employee passports, contracts and other sensitive information. The hackers claim to have more data that is yet to be released, reports Security Week. 

The Play ransomware group attacked Dirkzwager's systems on March 6, and the cyberattack took down four of its services, including its flagship Ship2Report port arrival platform. Recovery with alternative service options was well under way by the 9th, the firm said, and Ship2Report was back up by the 13th. All systems were fully restored on Wednesday.

According to cybersecurity outlet The Record, Dirkzwager has entered negotiations with the hackers. The firm filed a notification with the Dutch Data Protection Authority, as required.

The Play ransomware group is among the most active hacking organizations of its kind, and like others, it selects targets from industries of all kinds. In February, it hit the City of Oakland, disrupting business IT systems for tax payment collection, library services, parking citations and other everyday functions. Other past targets include the City of Antwerp, IT hardware maker A10 Networks, a judicial court in Argentina, and the publicly-listed cloud hosting service Rackspace. 

Sophisticated ransomware groups are challenging to deter, and the biggest names in maritime can be affected too. DNV's ShipManager platform was taken offline by a ransomware attack for several weeks in January 2022, and APM Terminals' global IT network was badly disrupted by the NotPetya malware attack in 2017.