DNV
Company Details
Linkedin ID:
dnv
Website:
Employees number:
22,475
Number of followers:
619,387
NAICS:
92219
Industry Type:
Homepage:
dnv.com
IP Addresses:
0
Company ID:
DNV_1524730
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
DNV Vendor Cyber Rating & Cyber Score
dnv.comDNV is the independent expert in risk management and assurance, operating in more than 100 countries. Through its broad experience and deep expertise DNV advances safety and sustainable performance, sets industry benchmarks, and inspires and invents solutions. Whether assessing a new ship design, optimizing the performance of a wind farm, analyzing sensor data from a gas pipeline or certifying a food company’s supply chain, DNV enables its customers and their stakeholders to make critical decisions with confidence. Driven by its purpose, to safeguard life, property, and the environment, DNV helps tackle the challenges and global transformations facing its customers and the world today and is a trusted voice for many of the world’s most successful and forward-thinking companies. DNV uses cookies. For more information, please visit https://www.dnv.com/privacy/change-cookie-settings.html
DNV A.I CyberSecurity Scoring
DNV Risk Score (AI oriented)Between 700 and 749
DNV
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
DNV Global Score (TPRM)XXXX
DNV
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
DNV Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
DNV
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: In January 2023, Oslo-based DNV a leading global maritime classification society and risk management provider fell victim to a ransomware attack on January 7, forcing the shutdown of IT servers linked to its ShipManager system. The incident disrupted operations for 70 customers, impacting approximately 1,000 vessels reliant on the system for navigation, safety, and compliance management. DNV initiated daily communications with affected clients, providing updates from ongoing forensic investigations. While the attack caused significant operational disruptions potentially halting vessel management, logistical coordination, and regulatory compliance the company did not confirm whether sensitive customer or proprietary data was exfiltrated. The shutdown of critical IT infrastructure posed risks to maritime safety, supply chain continuity, and DNV’s reputation as a trusted industry authority. Recovery efforts focused on restoring systems while mitigating further propagation of the ransomware.
DNV: Who’s Hacked? Latest Data Breaches And Cyberattacks
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: Major Ransomware Attack Disrupts Global Supply Chain Operations A large-scale ransomware attack has targeted DNV, a leading provider of maritime software solutions, forcing the company to shut down key IT systems affecting 70 ship management clients worldwide. The incident, detected on January 7, 2025, disrupted operations for vessel owners and operators relying on DNV’s ShipManager software, which handles critical functions such as navigation, maintenance, and compliance. DNV confirmed the attack involved LockBit ransomware, a notorious strain known for extorting high-profile victims. While the company stated that no ransom demand had been received as of the latest update, investigations are ongoing to assess the full scope of the breach. Initial reports indicate that backup systems were activated, minimizing downtime, but some clients experienced delays in accessing real-time vessel data. The attack highlights the growing vulnerability of maritime infrastructure to cyber threats, a sector increasingly targeted due to its reliance on interconnected digital systems. DNV, headquartered in Norway, serves over 300,000 vessels globally, making this incident one of the most significant disruptions to maritime cybersecurity in recent years. Authorities, including Norwegian cybersecurity agencies, are assisting in the response, though no attribution to a specific threat actor has been confirmed. The incident underscores the escalating risks to supply chains, where a single breach can cascade across multiple industries. Further details on data exposure and recovery timelines are expected in the coming days.
DNV Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for DNV
Incidents vs Public Safety Industry Average (This Year)
No incidents recorded for DNV in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for DNV in 2026.
Incident Types DNV vs Public Safety Industry Avg (This Year)
No incidents recorded for DNV in 2026.
Incident History — DNV (X = Date, Y = Severity)
DNV cyber incidents detection timeline including parent company and subsidiaries
DNV Company Subsidiaries
DNV is the independent expert in risk management and assurance, operating in more than 100 countries. Through its broad experience and deep expertise DNV advances safety and sustainable performance, sets industry benchmarks, and inspires and invents solutions. Whether assessing a new ship design, optimizing the performance of a wind farm, analyzing sensor data from a gas pipeline or certifying a food company’s supply chain, DNV enables its customers and their stakeholders to make critical decisions with confidence. Driven by its purpose, to safeguard life, property, and the environment, DNV helps tackle the challenges and global transformations facing its customers and the world today and is a trusted voice for many of the world’s most successful and forward-thinking companies. DNV uses cookies. For more information, please visit https://www.dnv.com/privacy/change-cookie-settings.html
Loading...
DNV Similar Companies
TÜV Rheinland Group
Neutral, independent third party For more than 150 years, TÜV Rheinland has stood for ensuring quality, safety, and efficiency in conjunction with people, the environment, and technology. As a neutral, independent third party, we test, accompany, develop, promote and certify products, plants, proc
DEKRA
For 100 years, DEKRA has been a trusted name in safety. Founded in 1925 with the original goal of improving road safety through vehicle inspections, DEKRA has grown to become the world's largest independent, non-listed expert organization in the field of testing, inspection, and certification. Today
TÜV SÜD
TÜV SÜD is the trusted partner of choice for safety, security and sustainability solutions. Our community of experts is passionate about technology and united by the belief that technology should better people’s lives. We work alongside our customers to anticipate and capitalize on technological d
.png)
DNV CyberSecurity News
March 16, 2026 03:52 PM
ARCON teams with DNV Cyber to strengthen privileged access management capabilities in the Nordics
Global identity security technology vendor ARCON and DNV Cyber formed a new partnership that will strengthen ARCON's presence in the Nordics...
October 18, 2025 09:55 AM
Moxa Network and Communication Devices Certified With DNV Type Approval of Security Profile 2 and IEC 61162-460
Moxa Network and Communication Devices Certified With DNV Type Approval of Security Profile 2 and IEC 61162-460. Moxa's EDR-G9010 and EDR-8010 Series...
September 15, 2025 07:00 AM
DNV details ‘SteganoAmor’ malware campaign used against Iranian oil and gas traders, extends to maritime operators
CyberOwl, a DNV company, uncovered a sophisticated phishing and malware campaign targeting Iranian oil and gas trading organizations,...
July 15, 2025 07:00 AM
NIS2: A catalyst for improving maritime cybersecurity
Maritime cybersecurity is not just a technical challenge, but a strategic imperative that affects safety, operations, and reputation.
July 14, 2025 02:56 PM
Furuno Successfully Completes Compliance Assessment For DNV Security Profile 1
Furuno successfully completed the compliance assessment for DNV security profile 1 to meet the requirements specified in IACS UR E27.
May 01, 2025 07:00 AM
ESMC Warns of Cybersecurity Risks in Europe’s Solar Infrastructure Due to Chinese Inverters
The European Solar Manufacturing Council (ESMC) urges immediate EU action to address cybersecurity threats posed by Chinese-made PV...
April 17, 2025 07:00 AM
AI could enhance or harm the wind industry’s cybersecurity
The energy transition is not secure without the safe proliferation of AI, argues Shaun Reardon at DNV. Across the energy industry,...
April 08, 2025 07:00 AM
News Tech advances leave ship systems cyber-vulnerable, says DNV
Ship systems are integrated, making vessels potentially far more vulnerable to cyber-attack, a DNV expert said this week.
April 05, 2025 01:30 AM
Energy cyber priorities for 2025
DNV's annual survey and analysis finds that even as the energy industry becomes more mature in its cybersecurity posture, it needs to continue to strengthen...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
DNV CyberSecurity History Information
Official Website of DNV
The official website of DNV is https://www.dnv.com.
DNV’s AI-Generated Cybersecurity Score
According to Rankiteo, DNV’s AI-generated cybersecurity score is 748, reflecting their Moderate security posture.
How many security badges does DNV’ have ?
According to Rankiteo, DNV currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has DNV been affected by any supply chain cyber incidents ?
According to Rankiteo, DNV has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does DNV have SOC 2 Type 1 certification ?
According to Rankiteo, DNV is not certified under SOC 2 Type 1.
Does DNV have SOC 2 Type 2 certification ?
According to Rankiteo, DNV does not hold a SOC 2 Type 2 certification.
Does DNV comply with GDPR ?
According to Rankiteo, DNV is not listed as GDPR compliant.
Does DNV have PCI DSS certification ?
According to Rankiteo, DNV does not currently maintain PCI DSS compliance.
Does DNV comply with HIPAA ?
According to Rankiteo, DNV is not compliant with HIPAA regulations.
Does DNV have ISO 27001 certification ?
According to Rankiteo,DNV is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of DNV
DNV operates primarily in the Public Safety industry.
Number of Employees at DNV
DNV employs approximately 22,475 people worldwide.
Subsidiaries Owned by DNV
DNV presently has no subsidiaries across any sectors.
DNV’s LinkedIn Followers
DNV’s official LinkedIn profile has approximately 619,387 followers.
NAICS Classification of DNV
DNV is classified under the NAICS code 92219, which corresponds to Other Justice, Public Order, and Safety Activities.
DNV’s Presence on Crunchbase
No, DNV does not have a profile on Crunchbase.
DNV’s Presence on LinkedIn
Yes, DNV maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/dnv.
Cybersecurity Incidents Involving DNV
As of April 04, 2026, Rankiteo reports that DNV has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
DNV has an estimated 2,144 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at DNV ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does DNV detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with shut down it servers connected to shipmanager system, and communication strategy with daily updates to 70 affected customers on forensic investigation findings, and third party assistance with norwegian cybersecurity agencies, and containment measures with shut down key it systems; activated backup systems..
Incident Details
Can you provide details on each incident ?
Title: DNV Ransomware Attack (January 2023)
Description: In January 2023, Oslo-based DNV – one of the world’s largest maritime organizations – was hit with ransomware on the evening of January 7 and was forced to shut down the IT servers connected to their ShipManager system. DNV is communicating daily with all 70 affected customers to update them on findings of the ongoing forensic investigations. In total, around 1000 vessels are affected.
Date Detected: 2023-01-07
Date Publicly Disclosed: 2023-01-07
Type: Ransomware
Title: Major Ransomware Attack Disrupts Global Supply Chain Operations
Description: A large-scale ransomware attack has targeted DNV, a leading provider of maritime software solutions, forcing the company to shut down key IT systems affecting 70 ship management clients worldwide. The incident disrupted operations for vessel owners and operators relying on DNV’s ShipManager software, which handles critical functions such as navigation, maintenance, and compliance.
Date Detected: 2025-01-07
Type: Ransomware
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware DNV905092125
Systems Affected: ShipManager system
Operational Impact: 1000 vessels affected; IT servers shut down
Incident : Ransomware DNV1770508746
Systems Affected: ShipManager software (navigation, maintenance, compliance systems)
Operational Impact: Disrupted operations for vessel owners and operators; delays in accessing real-time vessel data
Which entities were affected by each incident ?
Incident : Ransomware DNV905092125
Entity Name: DNV
Entity Type: Organization
Industry: Maritime
Location: Oslo, Norway
Customers Affected: 70
Incident : Ransomware DNV1770508746
Entity Name: DNV
Entity Type: Maritime software provider
Industry: Maritime/Supply Chain
Location: Norway
Customers Affected: 70 ship management clients
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware DNV905092125
Incident Response Plan Activated: True
Containment Measures: Shut down IT servers connected to ShipManager system
Communication Strategy: Daily updates to 70 affected customers on forensic investigation findings
Incident : Ransomware DNV1770508746
Third Party Assistance: Norwegian cybersecurity agencies
Containment Measures: Shut down key IT systems; activated backup systems
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Norwegian cybersecurity agencies.
Data Breach Information
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by shut down it servers connected to shipmanager system, and shut down key it systems; activated backup systems.
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware DNV905092125
Data Encryption: True
Incident : Ransomware DNV1770508746
Ransom Demanded: None received as of latest update
Ransomware Strain: LockBit
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Ransomware DNV1770508746
Lessons Learned: Growing vulnerability of maritime infrastructure to cyber threats; escalating risks to supply chains due to interconnected digital systems
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Growing vulnerability of maritime infrastructure to cyber threats; escalating risks to supply chains due to interconnected digital systems.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Ransomware DNV905092125
Investigation Status: Ongoing (as of January 2023 disclosure)
Incident : Ransomware DNV1770508746
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Daily updates to 70 affected customers on forensic investigation findings.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Ransomware DNV905092125
Customer Advisories: Daily updates provided to 70 affected customers
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Daily updates provided to 70 affected customers.
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Norwegian cybersecurity agencies.
Additional Questions
General Information
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was None received as of latest update.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-01-07.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-01-07.
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was ShipManager system and .
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Norwegian cybersecurity agencies.
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Shut down IT servers connected to ShipManager system and Shut down key IT systems; activated backup systems.
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was None received as of latest update.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Growing vulnerability of maritime infrastructure to cyber threats; escalating risks to supply chains due to interconnected digital systems.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (as of January 2023 disclosure).
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Daily updates provided to 70 affected customers.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.
Description
XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services
Description
Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.
Description
A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=dnv' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
