Ransomware Attack on Swire Pacific Offshore

Swire Pacific Offshore, a Singapore-based maritime services provider, has been targeted by the ransomware group Clop. The attack resulted in the loss of confidential proprietary commercial information and personal data, including passports, payroll information, ID numbers, bank account details, email addresses, and internal correspondence messages. The number of exposed individuals could reach 2,500, corresponding to the firm's seafaring and onshore personnel in 18 countries.

Swire Pacific Offshore operates a fleet of over 50 offshore support vessels and has reported the incident to the relevant authorities, working with external experts to investigate and determine future actions. The company's website and likely other parts of its operations are currently offline.

The Clop Ransomware Group's Claim

The Clop ransomware group has claimed responsibility for the attack and posted screenshots of data during the attack, indicating that the ransomware gang stole sensitive information. The attack is part of a surge in ransomware incidents in 2023, with the average monthly number of reported ransomware victims reaching an all-time high of 31.

Increased Cyber Threats in the Maritime Sector

Swire Pacific Offshore is a significant player in the maritime services industry, operating in a sector that has seen a 900% increase in cyber attacks over the past three years. The company's vulnerabilities may have been exploited due to the industry's turbulent period, with rising costs, delivery delays, shortages, and inflation, making it an attractive target for ransomware actors.

The attack on Swire Pacific Offshore underscores the need for robust cybersecurity measures in the maritime services sector, particularly in the face of increasing ransomware threats.

Sources

• Maritime Executive Article on Swire Pacific Offshore Ransomware Attack
• BleepingComputer News on Swire Pacific Offshore Ransomware Incident