Royal Dirkzwager

Royal Dirkzwager is a Dutch maritime logistics company that has been in operation since 1872, providing ship management services to hundreds of organizations in the maritime industry. The company's services include monitoring of incoming and outgoing vessel traffic in ports, emergency response services, and more. Royal Dirkzwager is headquartered in the Netherlands and has been a significant player in the maritime logistics sector. However, the company faced financial difficulties and went bankrupt in September 2022, before being acquired by its current CEO, Joan Blaas, in October 2022.

The company has recently been involved in a significant cyber incident, falling victim to a Play ransomware attack in March 2023. The attack resulted in the theft of data, including contracts and personal information, such as employee IDs and passports. Despite the attack, the company's operations were not impacted, but it had a significant effect on employees, adding to the challenges faced due to the company's recent bankruptcy and subsequent changes. The Dutch Data Protection Authority was notified of the incident, and negotiations with the cybercriminals are underway.

The Play ransomware group, also known as PlayCrypt, has been active since June 2022 and has become one of the most active ransomware families recently. The group has targeted various entities, including government organizations and ports, and has claimed several victims in 2023. In the case of Royal Dirkzwager, the Play group published a 5GB archive containing data allegedly stolen from the company on its Tor leak site, threatening to publish the full batch of data if the company does not respond to their demands. The incident highlights the increasing threat of cyberattacks in the maritime industry, with several other companies, including ports and logistics firms, being targeted in recent years.

The attack on Royal Dirkzwager is part of a larger trend of ransomware attacks targeting the shipping industry, with several high-profile incidents reported in 2023. The Port of Lisbon, for example, was attacked by the LockBit ransomware group in January 2023, while the Port of Nagoya in Japan was hit by a ransomware attack by the Lockbit Group in July 2023. The incidents highlight the need for companies in the maritime industry to prioritize cybersecurity and take measures to protect themselves against these types of attacks. Royal Dirkzwager's experience serves as a reminder of the importance of being prepared for cyber incidents and having strategies in place to respond to and mitigate their impact.