IMO hit by “sophisticated” cyber attack, media report

It would appear that maritime cyber security is once again in the headlines. Following the recent ransomware attack on CMA CGM, news has emerged that the United Nation’s regulatory body for shipping, has suffered a “sophisticated” cyber attack.

At the time of writing, even the IMO’s public-facing pages were offline. Media reports state that the same is true of the organisation’s intranet, as IT technicians have shut down key systems in order to prevent further damage.

The exact nature of the attack has not yet been made public, but with staff still working remotely, systems are always going to be at risk, as new attack vectors are available to APT groups and criminals. Quite what could be achieved by attacking the IMO remains unclear, but it provides yet another wake up call to the maritime industry as a whole. After all, if the regulatory body can be taken offline so easily, how secure are shipping companies, ports and related maritime firms?

Hackers may already be hitting ports, say experts

Ports are on the front line of the maritime industry’s cyber war and are vulnerable to hackers and cyber attacks, panellists told attendees during Riviera’s ‘Where port security meets cyber security’ webinar, held in association with the Maritime Transportation System – Information Sharing and Analysis Center (ISAC)

The key message from cyber security experts was that operators and authorities need to know their vulnerabilities and be prepared for a constant barrage of cyber threats.

Panellists offered insights into an array of cyber risks facing the maritime industry as well as guidance on how to cost-effectively mitigate those threats.

To continue reading, please click here.

Source: rivieramm.com

Two Cases of Cocaine Smuggling Discovered in Rotterdam on the Same Day

[Brief] Customs officials at the Port of Rotterdam reported the discovery of two separate incidents of cocaine smuggling in containers arriving at the port over the weekend. A total of approximately 242 kilos of cocaine with an estimated street value of more than $21 million was discovered in two different shipments both originated in Brazil.

In the first instance, inspectors searched a container that had arrived in Rotterdam on July 22 from Santos. The container that was destined for a company in Rotterdam, was manifested to be carrying orange pulp. Hidden behind a wall in the container, customs officers found 30 kilos of cocaine.

To continue reading, please click here.

Source: maritime-executive.com

Report: Maritime Cyberattacks Have Quadrupled Since February

The British Ports Association and the UK-based risk management firm Astaara have released a new study on the wave of cyberattacks seen by maritime stakeholders over the past four months.

In one high profile attack in May, computer systems at Iran’s Shahid Rajaee port facility at Bandar Abbas, creating traffic jams and serious operational disruption. Astaara believes that the attack came in direct response to a failed Iranian cyberattack on an Israeli water facility in April. (Iran has denied any involvement in the earlier incident.) U.S. officials told the Washington Post that Israeli forces orchestrated the retaliatory hack on Shahid Rajaee.

To continue reading, please click here.

Source: maritime-executive.com

Report: Maritime Cyberattacks Up by 400 Percent

Cybersecurity consultancy Naval Dome has reported a 400 percent increase in attempted hacks since February 2020. The primary cause is an increase in malware, ransomware and phishing emails attempting to exploit the COVID-19 pandemic, but Naval Dome says that global travel restrictions, social distancing measures and the economic recession are beginning to cut into companies’ self-defense capabilities.

In addition, since OEM technicians have a harder time traveling to service systems on board ships and rigs, they are increasingly making “remote” service calls that require the operator to bypass security protections – creating an opening for a cyberattack.

To continue reading, please click here.

Source: maritime-executive.com

U.S. Maritime Stakeholders Launch Cyber Threat Clearinghouse

A group of American seaports and maritime stakeholders have decided to address cybersecurity threats by launching a new non-profit, the Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC).

The new organization’s objective is to promote cybersecurity information sharing throughout the maritime community. A group of leaders from seaports, shipowners and terminal operators recognized the need to improve their own cybersecurity resiliency, and since resources are limited, they realized the best approach was to work with their peers to identify, protect against, and detect cyber threats. Information sharing and analysis efforts will focus on threats to both information technology (IT) and operational technology (OT) systems, which stakeholders can use to prevent or minimize potential cyber incidents.

To continue reading, please click here.

Source: maritime-executive.com

Iran reports failed cyber-attack on Strait of Hormuz port

Iranian officials said hackers infiltrated and damaged a small number of computers at the port of Shahid Rajaei in the city of Bandar Abbas.

By

Iranian officials said on Sunday that hackers damaged a small number of computers in a failed cyber-attack against the port of Bandar Abbas, the country’s largest port in the Strait of Hormuz.

Details about the cyber-attack’s nature remain unknown.

To continue reading, please click here.

Source: zdnet.com

Cyber security concerns for autonomous and remotely controlled systems

Cyber security is highly relevant to a raft of autonomous and remotely controlled systems in the offshore energy sector, writes International Marine Contractors Association (IMCA) technical adviser, competence and training, remote systems and ROV Andre Rose

Among these systems are marine autonomous surface systems (MASS), unmanned surface vessels (USVs), remotely operated vessels (ROVs) and autonomous underwater vessels (AUVs) able to operate from remote control centres often referred to as unmanned underwater systems (UUVs); and to unmanned aerial vehicles (UAVs) commonly known as drones.

As information technology (IT) has advanced, the opportunity for cyber crime has also increased. Technological advances now make USVs commonplace with many of these small craft (< 5 m) already in use for survey operations. Future larger systems will have varying levels of autonomy ranging from remotely controlled vessels operated from a shoreside RCC to, eventually, fully autonomous vessels.

To continue reading, please click here.

Source: rivieramm.com

New customised cyber insurance product for shipowners

Ben Abraham

Willis Towers Watson, a global advisory, broking and solutions company, has unveiled a new type of cyber insurance product for shipowners that re-designs standard cyber policies to better navigate the risks for ship operators in the digital era.

The solution, CyNav, addresses cyber threats in the broadest sense, including losses that occur from cyber-related business interruptions, even when the cyber events originate with third party IT service providers.

To continue reading, please click here.

Source: seatrade-maritime.com

MSC confirms malware attack caused website outage

Marcus Hand

Mediterranean Shipping Company (MSC) has confirmed that a malware attack caused a data centre outage which led to its main customer facing websites being down for several days.

The outage at its headquarters in Geneva led to MSC.com and myMSC being offline over the Easter weekend and only back in service on Wednesday.

To continue reading, please click here.

Source: seatrade-maritime.com