Carnival cruises may be bleeding some $650 million a month as a result of the COVID-19-induced shutdown of the cruise industry, but that hasn’t stopped hackers from launching a digital piracy attack on its systems.
In a Form 8-K filing with the US Securities and Exchange Commission on August 17, Carnival disclosed that it had “detected a ransomware attack that accessed and encrypted a portion of one brand’s information technology systems.”
Carnival Corporation brands include Carnival Cruise Line, Princess Cruises, Holland America Line, Seabourn, P&O Cruises (Australia), Costa Cruises, AIDA Cruises, P&O Cruises (UK) and Cunard.
The company did not specify which brand had been targeted in the attack, which it said also included the download of data files.
Carnival launched an investigation
Internet security company Kaspersky defines ransomware as “malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. This class of malware is a criminal money making scheme that can be installed through deceptive links in an email message, instant message or website. It has the ability to lock a computer screen or encrypt important, predetermined files with a password.”
Carnival said that upon detection of the security event, it launched an investigation, notified law enforcement, and engaged legal counsel and other incident response professionals.
“While the investigation of the incident is ongoing, the company has implemented a series of containment and remediation measures to address this situation and reinforce the security of its information technology systems,” Carnival said, adding that it is “working with industry-leading cybersecurity firms to immediately respond to the threat, defend the company’s information technology systems, and conduct remediation.” OT network segmentation is what is needed these days to make sure your system is protected.
Carnival said that, based on its preliminary assessment and on the information currently known, it does not believe the incident will have a material impact on its business, operations or financial results, but that nonetheless, the security event included “unauthorized access to personal data of guests and employees, which may result in potential claims from guests, employees, shareholders, or regulatory agencies.”