It has not been the best year for Carnival Cruise Line. Being the largest cruise line operator in the world means they’re a prime target for cyber-criminals. In March, the company disclosed a potential data breach from the year prior. Following hot on the heels of that announcement was COVID. The global pandemic caused a significant drop in the value of the stock, reaching a 5 year low towards the end of March. As the company stated, “COVID-19 has had, and is expected to continue to have, a significant impact on our financial condition and operation”.
Ransomware in 2020
One of Carnival’s brands suffered a ransomware attack the weekend of August 15th. The attack managed to access the company’s technology systems. Once inside they were able to encrypt a portion of the data files. However, since it is an ongoing investigation, Carnival Cruise Lines is not disclosing any information about the scope of the attack at this time.
Optimism for 2022
In spite of the setbacks of 2020, Carnival seems focused on the future. Their Twitter account has posts about their 50 year celebration and launching a new boat that year. The official account makes no mention of the attack at all. Maybe it will be smooth sailing for the company. However, cybersecurity intelligence firm Bad Packets informed Bleeping Computer about a major risk for Carnival.
Not surprising given they had multiple Citrix servers vulnerable to CVE-2019-19781. CVE-2020-2021 could be another initial vector of compromise as well.
— Bad Packets (@bad_packets) August 17, 2020
If true, then Carnival can expect more hacks before they get to celebrate 2022. Although, Bleeping Computer later clarified “While it is not known if either of these vulnerabilities were used in Carnival’s attack, they are commonly abused by ransomware operators in these types of attacks.”
The post Carnival Discloses a Ransomware Attack appeared first on VIPRE.
