Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Thursday, 4 June, 2026
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Cruise Control, Carnival Catastrophe

The world's biggest cruise line operator, Carnival, was hit by ransomware

by The Gurus
August 18, 2020
in Cyber Bites
Cruise ship virus
Share on FacebookShare on Twitter

As if times weren’t hard enough for the travel industry, BleepingComputer revealed that the cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend. When it comes to passenger travel, data breaches and ransomware can be especially catastrophic. Biographical information, travel details and potentially passport information are like gold dust on the black market. Perhaps this is why airlines, hotels and cruise operators are so frequently targeted.

Dan Panesar, Director of EMEA fro Securonix, stated: “The Carnival data breach is particularly nasty as the hackers have gained access and stolen the ‘holy grail’ of information including, personal details, credit cards and social security numbers.  All the essentials to perform some pretty nasty identity fraud on its customers.  It appears the attackers have used the classic diversion of a ransomware attack to divert attention to the real focus of the attack which was to steal valuable and sensitive data.  In todays security landscape organisations and their security teams are out gunned by the attackers in terms of resources and skills.  Security teams need to spend less time managing the systems and more time addressing the threats.  One clear way to do this is using  behavioural analytics to spot abnormal behaviour before it causes real problems.  Secondly using automation to allow the security team to focus only on the severe or real threats can further strengthen security posture.  These can both help reduce the burden on security teams, bring better visibility and allow them to respond and react faster to attacks.”

 

Jamie Akhtar, CEO and co-founder of CyberSmart went on to note: “This attack on Carnival Corporation is salt in the wounds for an already crippling industry following the outbreak of COVID-19. It is clear from this that attackers are eager to exploit any weakness they can identify. Unfortunately, many organisations are distracted as a result of the pandemic, and have neglected to attribute due attention to maintaining a strong cybersecurity posture. This loss of focus is also occurring at a time when our digital infrastructure is rapidly changing to meet the societal shift towards remote working. In fact, one report from Darktrace showed that cyberattacks had increased from 12% prior to lockdown to 60% only six weeks later. Organisations should learn from Carnival Corporation and implement basic cyber hygiene measures across their own institutions. That is, ensuring that they have an automated updating or patching system in place, and a reliable anti-malware software installed. Organisations should also offer security awareness training to inform employees of the latest threats and how to deal with them, as well as introduce other security measures to safeguard remote access.”
Chris Clements, VP of solutions architecture at Cerberus Sentinel: “Attackers move swiftly to exploit critical vulnerabilities.  Any organisation that is not equipped to locate and patch vulnerable systems in under a week is at significant risk of compromise from organised hacking groups.  Once the network perimeter is breached, it can take skilled hackers little more than a few hours to gain complete control of the victim’s internal network and deploy their ransomware.  Victim’s are left with the choice to either pay the cyber criminals extortion demands or attempt to recover operations on their own.  Often compromised organisations discover that even if the attackers did not delete their backups that paying the ransom is both cheaper and faster than attempting recovery on their own.  The unfortunate fact is that the normal recovery process while functional for recovering the occasional failed system completely fails to work when needing to recover hundreds or thousands of systems at once.

Carnival states that they detected the ransomware attack on August 15th, but it’s likely that the attackers had access to their network and data for weeks or months prior searching and exfiltrating any sensitive data they could find.

Organisations seeking to protect themselves from ransomware attacks must adopt a culture of security that includes regularly scanning for serious security holes and patch within a week’s time, ensuring that internal controls and monitoring exist to quickly detect and limit a potential attacker’s access, and ensuring that any recovery operations are effective at a mass scale.”

Share8Tweet
Previous Post

Webinar: How to keep the UK secure as it reopens

 Next Post

What it Means to Be a Cybersecurity Pathfinder

Recent News

Nagomi Control Brings CTEM Into Action

IT Security Guru picks for Infosecurity Europe 2026

June 1, 2026
Nine in Ten Security Leaders Concerned About AI-Generated Code Risks as Salt Security Launches New Governance Tool

Nine in Ten Security Leaders Concerned About AI-Generated Code Risks as Salt Security Launches New Governance Tool

June 1, 2026
Acumen Cyber and AttackIQ Partner to Strengthen Cyber Defense Validation

Acumen Cyber and AttackIQ Partner to Strengthen Cyber Defense Validation

May 29, 2026
Check Point Launches AI Agents That Think Like Attackers as Autonomous Exploitation Reaches Critical Threat Level

Check Point Launches AI Agents That Think Like Attackers as Autonomous Exploitation Reaches Critical Threat Level

May 28, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2024 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2024 IT Security Guru - Website Managed by Dessol