cheers attacks Sembcorp Marine

Incident Date:

June 28, 2022

World map



cheers attacks Sembcorp Marine


Sembcorp Marine




Tanjong, Singapore

Kling, Singapore

First Reported

June 28, 2022

Sembcorp Marine Hit by Ransomware Attack

Singapore-based shipbuilding firm Sembcorp Marine has reported a cybersecurity incident where an unauthorized party gained access to part of its IT network through third-party software products. The company has taken immediate action to mitigate the risks and has engaged cybersecurity experts to conduct a detailed analysis to address all breaches and related root causes.

Sembcorp Marine is a globally-integrated design and construction company for complex rigs and production turnkey solutions, offering one-stop repair and upgrade solutions for all types of vessels and offshore structures. Despite the incident, the company's business operations remain unaffected. However, certain personally identifiable information relating to some of its incoming, existing, and former employees, as well as non-critical information relating to its operations, were compromised.

The Rise of Cybersecurity Attacks in the Maritime Industry

The maritime industry has seen a rise in cybersecurity attacks, with Sembcorp Marine being one of the recent victims. This incident highlights the vulnerability of the sector to such attacks and underscores the need for robust cybersecurity measures to prevent future incidents. Despite the breach, Sembcorp Marine has not reported any significant fiscal impact.

The ransomware group Cheers has claimed responsibility for the attack on Sembcorp Marine via their dark web leak site. The group is known for targeting various industries, including financial services, government, healthcare, public health, critical manufacturing, and information technology.

The incident at Sembcorp Marine underscores the need for increased vigilance and improved cybersecurity measures in the maritime industry. The company's swift action in mitigating the risks and engaging cybersecurity experts demonstrates its commitment to addressing the issue and safeguarding against future threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.