Denmark's Maritime Cybersecurity Plan Highlights Financial Threats

Uploaded on 2019-01-30 in FREE TO VIEW, BUSINESS-Services-Transport & Travel, NEWS-Cybersecurity News

A new cybersecurity strategy for Denmark has classified financial threats to the maritime sector from cyber criminals and 'government-backed hackers' using ransomware as 'very high' but cyber terrorism threats as low. 

The Danish Maritime Authority (DMA) published its Cyber and Information Security Strategy for the Maritime Sector 2019-2022 following a threat assessment from Denmark's Centre for Cyber Security (CFCS).

CFCS' threat assessment concluded that "the general cyber threat against the maritime sector is directed against commercial businesses and does not currently pose a direct threat to maritime operations". The likelihood of 'destructive cyber attacks' and cyber terrorism in the maritime sector is low, it said, particularly outside of conflict areas. 

"Terrorist groups have only shown a limited interest in the maritime sector. Also, terrorist groups lack the capabilities and resources to launch spectacular cyber-attacks against the maritime sector," the CFCS assessment said.

Cyber criminals and state-backed actors bent on espionage and blackmail present a far greater risk.

"It is assessed that states systematically use cyber espionage as a means to achieve industrial and business advantages and promote political and economic interests... In particular, there is a considerable threat from cyber criminals aiming to blackmail public authorities, businesses and individuals (ransomware)," the assessment found. 

"Networks of cyber criminals exist that are organised and work towards long-term objectives, and cyber-crimes are probably also committed by government-backed hackers."

The DMA also commissioned a risk and vulnerability analysis as part of its preparation for the cyber security strategy. Prepared by external consultants, the analysis took in data and dialogue from Denmark's maritime sector, involving the NATO-formed Danish Shipping Board and other public authorities. 

Those interviewed for the risk analysis said increased use of information technology (IT) on board vessels had driven up dependency on the systems for core maritime activities and the analysis found private sector maritime players take a 'broad approach' to cybersecurity.

According to the analysis, the biggest risks to the sector stem from a slow response to technical vulnerabilities, a 'technology gap' between IT systems and operational technology (OT) systems such as propulsion, a lack of procedures for ensuring software upgrades and the vulnerability of critical systems to targeted attack.

Consequences from the threats include data loss, data integrity loss, reputational damage and a pronounced risk of financial loss. 

MarineMec.com

You Might Also Read:

Optimising Maritime Cybersecurity:


 

 

 

« Financial Executives Are Out Of Touch With Cyber Threats
US Intelligence Chief Warns Of ‘ever more diverse’ Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

EdgeWave

EdgeWave

EdgeWave provides simple but highly effective data security and advanced threat protection in solutions that are affordable, scalable and easy to use.

Silicon:SAFE

Silicon:SAFE

Silicon:SAFE develops impenetrable hardware solutions that prevent bulk data theft during a cyber-attack.

IronNet Cybersecurity

IronNet Cybersecurity

IronNet’s product and services provide enterprise-wide security management and visibility of your network, users and assets.

Synectics Solutions

Synectics Solutions

Synectics deliver solutions for reducing risk, combating financial crime, and enabling organisations to meet their compliance and regulatory commitments.

Bl4ckswan

Bl4ckswan

Bl4ckswan is a Management Consulting firm specialized in the delivery of information security and compliance services.

Practical Assurance

Practical Assurance

Practical Assurance helps companies navigate the rough terrain of information security compliance.

Vantea SMART

Vantea SMART

Vantea SMART have decades of experience in cybersecurity resulting in an approach of proactive prevention - Security by Design and by Default.

Ward Solutions

Ward Solutions

Ward Solutions are an information security consultancy and managed services company. We help organisations protect their brand, people, assets, intellectual property and profits.

Imageware

Imageware

Imageware is a leader in biometric cybersecurity. Protect against costly, damaging ransomware hacks by employing biometric cybersecurity solutions.

Jit

Jit

Jit empowers developers to own security for the product they are building from day zero.

European Data Protection Supervisor (EDPS)

European Data Protection Supervisor (EDPS)

The EDPS is the European Union’s independent data protection authority. We monitor and ensure the protection of personal data and privacy when EU institutions and bodies process personal information.

Cynical Technology

Cynical Technology

Cynical Technology is a Nepalese cybersecurity company with expertise in security consulting, auditing, testing and compliance.

Deepware

Deepware

Deepware is an emerging AI research company dedicated to exploring the potential of GenAI in both generation and detection.

Scalarr

Scalarr

Scalarr is an innovative, next-generation cyber security firm focused on automation and AI to detect and prevent threats in mobile and Edge/IoT infrastructures.

Velstadt Cybersecurity

Velstadt Cybersecurity

Velstadt's team of experienced professionals works on identifying vulnerabilities, analyzing threats, and developing strategies to ensure the highest level of security.

Slide

Slide

Slide is a modern, security-first Business Continuity & Disaster Recovery (BCDR) company built exclusively for Managed Service Providers.