Superyacht-Maker Hit by Easter Ransomware Attack

Written by

A noted maker of luxury yachts for the super-rich suffered a ransomware attack over the Easter weekend, although it is not clear if sensitive customer information was stolen.

Founded in 1875, German shipbuilder Lürssen is said to make annual revenue close to €2bn ($2.2bn) and will doubtless have a list of exclusive clients, making it an attractive target for digital extortionists.

“In coordination with internal and external experts, we immediately initiated all necessary protective measures and informed the responsible authorities,” a spokesperson reportedly said in a brief statement.

The Bremen-headquartered firm has made many of the world’s largest superyachts, although it also produces sea-going vessels for the German navy.

Local reports suggest that the attack has brought much of the firm’s operations to a standstill, with its Lürssen-Kröger shipyard in Schleswig-Holstein one of the few parts of the company still operational.

Read more on ransomware: More DDoS, More Leaks: Where Ransomware is Headed in 2023.

The attack follows similar extortion attempts targeting other luxury brands including Ferrari, Moncler and Zegna.

In the case of Moncler, some data on employees and customers was leaked to the dark web following the breach.

Darren Williams, CEO and founder of Blackfog, said Lürssen’s attackers likely singled the firm out as a potentially lucrative target.

“Attackers do not discriminate – one could say, except for where the dollar sign is at play, with the link between ransomware and sectors involving the super-rich becoming increasingly prevalent,” he argued.

“Without the latest anti-data exfiltration tools in place, and a solid backup/incident response plan ready for the darkest hour, even organizations with some of the highest capital worldwide cannot claim immunity to cyber-attacks.”

There is evidence to suggest that ransomware actors are upping their extortion demands as fewer victims are paying and more organizations improve baseline security.

A recent Trend Micro study revealed that every one victim that pays is effectively subsidising attacks on an additional 6–10 organizations.

Editorial image credit: nodi.jpg /

What’s hot on Infosecurity Magazine?