New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Struggling Cruise Company Suffers Apparent Ransomware Attack

After struggling with the Coronavirus pandemic, Norwegian cruise liner Hurtigruten has been attacked by what they believe to be ransomware. The attack was announced last night and has since caused their website and internal email systems to be taken offline. No ransom amount has been announced yet, but investors cannot be happy after already losing a substantial amount of money due to the pandemic. “Our main priority now is to ensure safe and good operations for all guests and employees. We are working with all available resources to isolate the effects of the attack and limit the damage it can do,” stated Moe-Helgesen, Hurtigruten’s executive Vice President for IT. All of the proper authorities have been notified about the attack but have denied comments.

Analyst Notes

As more information is released it will be easier to determine the course of action need for a recovery plan. Since limited information is available, we are unable to identify the defenses that were in place. However, the combination of anti-virus software with Endpoint Detection and Response (EDR) tools can help prevent or stop intrusions. An adequate monitoring system that fits the needs of an organization is also very important, this will allow businesses to get ahead of the infection and stop it before important files are compromised. At Binary Defense, our Security Operations Task Force analysts monitor endpoints for signs of intrusions, and we alert our clients as soon as any suspicious activity is noticed.