Maritime Computer Emergency Response Team ADMIRAL dataset ADMIRAL dataset

Publicly disclosed information for this event

Index Number:
Title:
2021_017
A company working in the gas sector is hit by a cyber attack.
Day Month Year Country Activity Incident Type
1 April 2021 France Offshore Scam

Summary

The victim, a maritime service provider to the oil industry, experienced a cyberattack which resulted in the lockdown of its IT systems. The entity, known for operating a fleet of over 350 vessels serving the global oil and gas sector, was targeted in a security breach that occurred overnight.

According to sources, the cyberattack was detected between the night of April 8 and the morning of April 9. As a security measure, access to computer applications such as email was suspended, rendering the company's employees without access to their computers. However, it was noted that no client operations were halted due to the attack. Communications from ships to shore remained active. The company's spokesperson refrained from specifying whether the attack involved ransomware but confirmed that, thus far, no data theft has been detected.

In response to the attack, the company worked to restore its IT systems. Despite the cyber incident, the company assured that its operational activities, particularly its client services remained uninterrupted.

Victim

Bourbon Group

Claimed/Reported Threat Actor

N/A

Origin

Cybercrime

Main impact

Integrity

References

  1. https://www.bairdmaritime.com/work-boat-world/offshore-world/bourbon-targeted-by-cyber-attack/
  2. https://splash247.com/bourbon-confirms-cyber-attack/
  3. https://seawanderer.org/fr-the-bourbon-group-hit-by-a-cyber-attack
  4. https://www.lefigaro.fr/flash-eco/le-groupe-bourbon-frappe-par-une-cyberattaque-20210413
  5. https://www.lejournaldesentreprises.com/region-sud/article/les-compagnies-maritimes-marseillaises-bourbon-et-gazocean-victimes-de-cyberattaques-1187758

Recommendations to Offshore to reduce Scam risks:

  • Train personnel to recognize common scam tactics and red flags.
  • Implement email filtering and web filtering systems to block known scam websites and emails.
  • Educate employees about the risks of sharing sensitive information with unknown entities.
  • Establish clear and safe communication channels for reporting potential scams within the organization.
  • Regularly update scam threat intelligence from your CSIRT organization to stay informed about emerging scams.
Previous Next
Disclaimer: the data are provided as is. France Cyber Maritime and the M-CERT take no responsibility for the soundness, quality, precision, nor the eventual attribution made by the referenced URLs. We give a lot of respect and support to the victims of attacks.
Files generated on Monday, 11th December 2023.
ADMIRAL is licensed under the Creative Commons CC-BY-NC license. Copyright © France Cyber Maritime 2023.