Carnival Corp. Provides Ransomware Attack Update

As previously reported, Carnival Corporation & plc said it detected unauthorized third-party access to portions of the company's information technology systems on August 15, 2020 via a ransomware attack. At the time, Carnival said only that "personal data" was accessed and would not identify what type of personal information was accessed. The company would also not specify which brand(s) were affected.

The company has recently released an update saying that it appears that three brands were affected: Carnival Cruise Line, Holland America and Seabourn as well as casino operations. Guests, employees and crew members were all affected and are currently being identified. When identified, these individuals will receive a notice and be given complimentary credit monitoring.

"Working with its cybersecurity consultants, the company took steps to recover its files and has evidence indicating a low likelihood of the data being misused," the company said in a statement.

HT reached out to some cybersecurity experts and asked their opinion on this update and what it means for the industry at large.

On rethinking your cybersecurity model

“To protect against the scale and scope of these types of threats, organizations must rethink their defensive model, particularly business continuity and disaster recovery plans," says Steve Durbin, managing director of the Information Security Forum. "Established plans that depend on employees being able to work from home, for example, do not stand up to an attack that removes connectivity or personally targets individuals as a means of dropping ransomware into the corporate infrastructure.  Revised plans should cover threats to periods of operational downtime caused by attacks. Creating a cyber-savvy workforce that takes information security seriously, while nurturing a culture of trust, will help to eliminate poor security practices as well as diminish the number and scale of incidents.”

On the need for cybersecurity insurance

“Ransomware is now targeting all industries and evolving into a new form of data breach as criminals not only ‘steal access’ by placing a bounty to regain access to data and assets, but also threaten to steal the data itself," says Caroline Thompson, Head of Underwriting at Cowbell Cyber. "Moving forward, businesses should evaluate cyber insurance for every coverage and assistance that the policy might provide prior, during and after a cyber incident.

"It is often discounted that in the case of ransomware, the harm to an organization goes far beyond the necessity to pay the ransom if a readily available backup is not an option," Thompson adds. "Disruption to the business, loss of revenue and reputational damages are all financial burdens that cyber insurance can provide respite for. Partnering with a trusted insurance carrier with dedicated cybersecurity expertise is a must."