A few days ago, the Lürssen shipyard was paralyzed by a ransomware attack. Shortly before that, the Flensburger Schiffbau Gesellschaft mbH & Co. and Nobiskrug Yachts GmbH was the victim of an attack by the BianLian APT group and 3 terabytes of data are said to have been stolen.
Actually, the German shipyards have many other concerns. Now, however, serious IT concerns have arisen. A ransomware attack is said to have paralyzed the Lürssen shipyard over the Easter holidays. According to some media in the far north, nothing is supposed to work in the shipyard anymore in terms of IT and processes. The background is said to have been a phishing attack that served as a precursor to a ransomware attack. According to the FAZ.net Lürssen is said to have immediately initiated all necessary protective measures. But so far nothing more has been learned. There is also nothing to be found on the relevant leak sites about the Lürssen attack.
Flensburger Schiffsbau probably lost 3 TB of data
Within the Flensburger Schiffbau Gesellschaft mbH & Co. and Nobiskrug Yachts GmbH the result, which the APT group BianLian itself announces, is probably a bit bleaker. On their leak page, BianLian names the stolen data volume of 3 terabytes and provides dozens of stolen documents. Accounting documents, contracts, personal data, financial data and data from top management should be found. Technical documents on shipbuilding and more should also be included.
The APT group BianLian and its associated infrastructure first appeared in December 2021, according to DXC.com. The group tripled its C2022 infrastructure by August 2, which is a significant expansion. Since the beginning of 2023, the group has listed over 50 successful cyber attacks and extortions on its leak page. What is true of this, and who paid the ransom and who didn't, is of course unconfirmed.
How high BianLian's claim to the Flensburger Schiffbau Gesellschaft is, provided the stolen data is genuine, is not mentioned on the leak page. The site only cites the official sales of its victims, FSG at $223 million and subsidiary Nobiskrug at $167 million.
No information about the cyber attack can currently be found on the websites of the affected companies.