Weekly report details growing number of shipping companies targeted by malware attacks

Sam Chambers

Cyber consultants Red Sky Alliance with maritime security specialists Dryad Global have started publishing a weekly list of names of ships appearing in malicious emails with hackers increasingly targeting this niche with malware or phishing links.

The weekly reports come at a time where maritime organisations are coming under increasingly sophisticated attacks with the charity, International Seafarers’ Welfare & Assistance Network, becoming the latest organisation to suffer at the hands of hackers, reporting today emails are being sent out with subject lines asking for your opinion on seafarers’ welfare and a malware link contained in the email.

To continue reading, please click here.

Source: splash247.com

Ransomware-hit US gas pipeline shut for two days

A ransomware attack on a US natural gas facility meant a pipeline had to be shut down for two days, the US Department of Homeland Security (DHS) has said.

However, it did not name the facility or say when the attack happened.

A malicious link sent to staff at the facility eventually caused the shutdown “of the entire pipeline asset”.

It was so severe in part because the organisation was not prepared for such an attack, the DHS statement said.

The incident was detailed in a security alert., which revealed it to be a “spear-phishing” attack, in which individuals are sent fraudulent but believable scam messages.

That let the attacker into the company’s IT network.

How did that shut down a pipeline?

Often, the “operational network” which runs computers in the factory is separated from the office IT – but not in this case, meaning the ransomware infection was allowed to spread.

Ransomware typically encrypts files on a victim’s computer and demands payment before offering to unlock them again – although there is no guarantee that the cyber-criminals who develop such software will be true to their word.

A spate of ransomware attacks has troubled various US organisations recently – from local authorities to hospitals to a maritime base.

In the case of the natural gas facility, only one office was targeted, but others in different geographic locations were forced to close down, too.

The DHS said the affected organisation had not properly prepared for a cyber-attack of this kind – with its emergency plans being focused on all sorts of physical attacks instead.

“Consequently, emergency response exercises also failed to provide employees with decision-making experience in dealing with cyber-attacks,” the department added.

All organisations, regardless of what sector they are in, should prepare for the possibility of a ransomware attack, said Carl Wearn, head of e-crime at cloud email firm Mimecast.

Businesses could do this “by implementing offline back-ups with a fall-back email and archiving facility, as a minimum” he said.

Source: bbc.co.uk

Shipping is so insecure we could have driven off in an oil rig, says Pen Test Partners

By Gareth Corfield

Penetration testers looking at commercial shipping and oil rigs discovered a litany of security blunders and vulnerabilities – including one set that would have let them take full control of a rig at sea.

Pen Test Partners (PTP), an infosec consulting outfit that specialises in doing what its name says, reckoned that on the whole, not many maritime companies understand the importance of good infosec practices at sea. The most eye-catching finding from PTP’s year of maritime pentesting was that its researchers could have gained a “full compromise” of a deep sea drilling rig, as used for oil exploration.

To continue reading, please click here.

Source: theregister.co.uk

Maritime industry now a major target for computer cyber attacks

Major advances in the rapidly changing maritime industry have made this area a top target for an increasing number of sophisticated cyber criminals. Their computer attacks are threatening vessels and ports that facilitate 95% of all UK trade – totalling around £500 billion.

Says Rick Flood, managing director of leading cybercrime firm Falanx Cyber, part of the Falanx Group: ‘We are regularly seeing reports of ransomware attacks. These are where computer systems are compromised and payments – often extortionate – demanded to unlock them’.

To continue reading, please click here.

Source: directorstalkinterviews.com

Marsec News: I recommend the Cyber Security Workbook for On Board Ship Use, which I discuss here.

UK Government releases new cyber security guidance for ports

By Beth Maundrill

With cyber-attacks no longer the stuff of “fictional narrative”, the UK Department for Transport (DfT) has released a new cyber security code of practice on cyber security for UK ports.

The document, released on 27 January, notes that cyber attacks on port systems are “no longer considered hypothetical” and cites the 2017 cyber-attack on Maersk from the destructive NotPetya virus which caused losses in the region of $200 to $300 million.

To continue reading, please click here.

Source: porttechnology.org

To download the guide, please click here.

Surge in Ships Seeking Cybersecurity Classification

A leading offshore safety and verification body has reported a rapid rise in the number of ships seeking to gain a cybersecurity classification.

Ship classification society Bureau Veritas Marine & Offshore (BV) says it has seen a surge in the number of ships applying for its “Cyber Managed” notation. The notation is based on BV’s rule NR659 on cybersecurity for the classification of marine units, which was co-developed with marine security experts.

To continue reading, please click here.

Source: infosecurity-magazine.com