loader image

Ransomware Attack Hits Marinette Marine Shipyard, Results in Short-Term Delay of Frigate, Freedom LCS Construction

by | Apr 24, 2023 | Cybersecurity

[Sassy_Social_Share]

Ransomware Attack Hits Marinette Marine Shipyard, Results in Short-Term Delay of Frigate, Freedom LCS Construction

by | Apr 24, 2023 | Cybersecurity

[Sassy_Social_Share]
Christiaan Colen, CC BY-SA 2.0 [https://creativecommons.org/licenses/by-sa/2.0], via Wikimedia Commons

Ransomware Attack Hits Marinette Marine Shipyard, Results in Short-Term Delay of Frigate, Freedom LCS Construction

by | Apr 24, 2023 | Cybersecurity

[Sassy_Social_Share]

The Wisconsin shipyard that builds the U.S. Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate suffered a ransomware attack last week that delayed production across the shipyard, USNI News has learned.

Fincantieri Marinette Marine experienced the attack in the early morning hours of April 12, when large chunks of data on the shipyard’s network servers were rendered unusable by an unknown professional group, two sources familiar with a Navy summary of the attack told USNI News on Thursday.

In a typical ransomware attack, attackers take the information on a server, encrypt it and set terms for a key that will unlock the data.

Gain valuable intelligence

* indicates required

The attack on Marinette Marine targeted servers that held data used to feed instructions to the shipyard’s computer numerical control manufacturing machines, knocking them offline for several days. CNC-enabled machines are the backbone of modern manufacturing, taking specifications developed with design software and sending instructions to devices like welders, cutters, bending machines and other computer-controlled tools.

Based on information from the Navy, it’s unclear if the attackers stole any data.

In a statement to USNI News, Marinette Marine acknowledged there had been a cybersecurity incident at the shipyard.

“Fincantieri Marine Group experienced a cybersecurity incident last week that is causing a temporary disruption to certain computer systems on its network. The company’s network security officials immediately isolated systems and reported the incident to relevant agencies and partners. Fincantieri Marine Group brought in additional resources to investigate and to restore full functionality to the affected systems as quickly as possible, “ reads a statement from Fincantieri spokesman Eric Dent.

“Repair and construction operations continue at all three U.S. shipyards, however the company’s email and some networked operations remain off-line for now.”

Fincantieri would not elaborate beyond the statement.

In a separate statement to USNI News, Freedom-class prime contractor Lockheed Martin spokesperson said, “we face threats every day from sophisticated adversaries around the world and we regularly take actions to increase the security of our systems and to protect our employee, customer and program data.”

USNI News understands that as of Thursday afternoon, some of the CNC machines at Marinette were operational.

USNI News was visiting the shipyard in Marinette the day after the attack and observed shipyard workers using the panel lines that feed gray and pink steel through to build both the Constellation-class frigates and the multi-mission surface combatants for the Royal Saudi Navy.

The yard is currently on contract to build four combatants for the Saudis and three frigates for the U.S. Navy, with the service planning to ramp up procurement in the pursuit of buying two frigates per year.

The Navy acknowledged the attack in a statement but did not provide additional details.

“The Navy was made aware of a cyber-incident involving Fincantieri Marine Group. FMG is the parent company of Fincantieri Marinette Marine which has contracts with the Navy to construct the Constellation Class Frigate and Freedom-variant Littoral Combat Ship. FMM also builds the Multi-Mission Surface Combatant,” reads the statement.

“FMG has taken measures to prevent further incursions and is conducting the required response, remediation and reporting actions. The Navy is actively monitoring the efforts.”


Republished from the U.S. Naval Institute under a Creative Commons license in the United States in order to point Indo-Pacific warfighters and national security professionals to reputable and relevant war studies literature. Read the original article.


[Sassy_Social_Share]
Sam LaGrone and Mallory Shelbourne

Sam LaGrone is the editor of USNI News. He has covered legislation, acquisition and operations for the Sea Services since 2009 and spent time underway with the U.S. Navy, U.S. Marine Corps and the Canadian Navy. Follow @samlagrone

Related Articles

Expert: TikTok could be a risk to national security

Expert: TikTok could be a risk to national security

More than 86 million Americans use the social media app TikTok to create, share, and view short videos, featuring everything from cute animals and influencer advice to comedy and dance performances.
Concerned experts point out that TikTok’s parent company, the Beijing-based ByteDance, has been accused of working with the Chinese government to censor content and could also collect sensitive data on users.

Pentagon leaks suggest China developing ways to attack satellites – here’s how they might work

Pentagon leaks suggest China developing ways to attack satellites – here’s how they might work

The recent leak of Pentagon documents included the suggestion that China is developing sophisticated cyber attacks for the purpose of disrupting military communication satellites. While this is unconfirmed, it is certainly possible, as many sovereign nations and private companies have considered how to protect from signal interference.

There’s no place for impunity in cyberspace

There’s no place for impunity in cyberspace

Two years ago, I had the opportunity to chair the first-ever official UN Security Council meeting on cybersecurity. Almost everyone there stressed that all states have already agreed that international law, including the UN charter in its entirety, applies in cyberspace. Only two countries did not. Half a year later, one of those countries, Russia, started its full-scale aggression against Ukraine and violated every rule in the book. For years, we heard predictions that the next big war would be a kind of cyber Armageddon. But instead, Russia brought back large-scale conventional war.