World’s largest cruise company Carnival Corporation suffered from ransomware attack

The Carnival Corporation reported to the US Securities and Exchange Commission that the company suffered from an unnamed ransomware attack on August 15, 2020.

According to the documents that provided the company, attackers gained access to the systems of an unnamed subsidiary of the Carnival Corporation and encrypted files on the affected machines.

In addition, hackers have stolen files from the affected company’s network.

“As a result, it is believed that attackers could have gained access to the personal data of some employees and customers”, – said Securities and Exchange Commission representatives.

The cruise company is already investigating the incident with the assistance of law enforcement agencies. The Carnival Corporation has not yet disclosed any technical details about the incident, nor has it disclosed which particular ransomware was behind the attack.

At the same time, experts from Bad Packets told journalists of Bleeping Computer that Carnival Corporation could be hacked due to the CVE-2019-19781 vulnerability, which affects a number of versions of Citrix Application Delivery Controller (ADC), Citrix Gateway, as well as two old versions of Citrix SD-WAN WANOP.

“Not surprising given they had multiple Citrix servers vulnerable to CVE-2019-19781. CVE-2020-2021 could be another initial vector of compromise as well”, — tweeted by Bad Packets.

This problem was discovered at the end of 2019, and even then, analysts warned that more than 80,000 vulnerable servers could be found in the public domain, that is, the problem threatened tens of thousands of companies from 158 countries.

In addition, according to experts, the problem could lie in the CVE-2020-2021 vulnerability found in PAN-OS, an operating system running on firewalls and corporate VPN devices manufactured by Palo Alto Networks.

Let me remind you that specialists from Palo Alto Networks also talked about attacks on Gulf shipping companies.

Regarding ransomware, 2020 is not only the year of the coronavirus epidemic, but also a real ransomware epidemic: MaxLinear chipmaker became a victim of ransomware, the Bank of Costa Rica suffered from the attack, ransomware operators even attack COVID-19 vaccine manufacturers, and this is only a small part known attacks. This difficult year is still far from finish.