Carnival Hits Rough Seas with Cyberattacks

Robert LilesCybersecurityLeave a Comment

For centuries, the seas have been a source of riches and treachery. Sometimes these two elements intersect. While across the world there have long been passenger vessels, trade routes, and merchant ships, there have also been maritime crimes since humans first took to the waves.

Of all maritime crimes, perhaps the first to cross most people’s minds is piracy. Pirates have scourged the seas for millennia—from the Sea Peoples of Ancient Greece, to Viking raiders, to Barbary Corsairs, to Blackbeard and Captain Kidd, to the Somali pirates of today.

Other 21st century crimes at sea include unauthorized entry into sovereign waters, smuggling contraband and trafficking, and illegal fishing, mineral exploitation, and dumping. Crimes on the open sea and against maritime companies have also kept up with the times in the form of data breaches. In 2021, a cruise company became one of these victims.

Keelhauled

Cruise operator Carnival Corporation announced that it had discovered unauthorized system access in March 2021, spurring the company to bring in a cybersecurity firm to help with the investigation. This follows a ransomware attack the company suffered in August 2020 and a subsequent attack that December.

This cyberattack affected the company and subsidiaries—Carnival Cruise Line, Princess Cruises, and Holland America Line. The attack potentially compromised particularly sensitive information of ship passengers, including dates of birth, addresses, social security numbers, passport numbers, and health information.

The cybercriminals encrypted a part of the company’s IT systems to get access to personal information on passengers and employees. As part of its response plan, Carnival notified people whose information may have been compromised. It also set up a call center dedicated to answering questions about the incident.

Avoiding Davy Jones’ Locker

The tourism sector has proven to be a popular target for cybercriminals in recent years, including attacks on airlines, hotels, and three against Carnival Corporation within a one-year span. This string of attacks on a single company stresses the need to invest in cybersecurity to protect against the growing threat toward businesses.

One such way to protect a company is by establishing a system to protect sensitive data. One solution to this is by using hardware-encrypted devices, user-authenticated devices for backup and mass storage. SecureDrive external portable drives and SecureUSB flash drives are superior options to help prevent cyberattacks. The BT models within both lines may be enhanced with Remote Management to add restrictions within certain geographic and time parameters.

If you believe you have been the victim of a cyberattack, or to learn how to set up a secure storage and backup solution today, contact an expert at 1-800-520-1677.