A shipbuilder for the U.S. Navy recently notified federal authorities of a cyber incident claimed by a ransomware group over the weekend.
The U.S. arm of Austal — an Australia-based ship building company and defense prime contractor that specializes in defense and commercial vessels — said it alerted the FBI and Naval Criminal Investigative Service (NCIS) to a data incident.
“We were able to quickly mitigate the incident resulting in no impact on operations,” Larry Ryder, vice president of business development at Austal, told Recorded Future News. He added that the federal agencies “remain involved in investigating the cause of the situation and the extent of information that was accessed” and that the company is trying to “fully understand this incident” to prevent a repeat.
“No personal or classified information was accessed or taken by the threat actor… Austal USA recognizes the seriousness of this event and the special responsibility we have as a DoD [Department of Defense] and DHS [Department of Homeland Security] contractor.”
The company has built hundreds of vessels for the navies of Australia, Oman and the U.S. as well as commercial firms around the world. It reported over $1.5 billion in revenue for fiscal year 2023 and has more than 5,000 employees.
On Saturday, the Hunters International ransomware gang added Austal to its list of victims.
The U.S. Navy did not respond to requests for comment.
Austal is not the first naval contractor hit with ransomware this year. In April, Fincantieri Marinette Marine experienced a ransomware attack that delayed production at the Wisconsin shipyard where it builds U.S. Navy combat ships.
The United States Naval Institute reported that the shipyard’s network was brought down on April 12 by ransomware actors, and the Navy said it was monitoring the company’s efforts to recover.
Two weeks ago, the Navy released its long-awaited cyber strategy, part of which included efforts to better secure the sprawling defense industrial base.
Pakistan’s Navy was also targeted by hackers in a campaign identified earlier this year, with about 1,000 vessels affected by another ransomware attack against a major software supplier for ships in January.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.
