Denmark's Maritime Cybersecurity Plan Highlights Financial Threats

A new cybersecurity strategy for Denmark has classified financial threats to the maritime sector from cyber criminals and 'government-backed hackers' using ransomware as 'very high' but cyber terrorism threats as low. 

The Danish Maritime Authority (DMA) published its Cyber and Information Security Strategy for the Maritime Sector 2019-2022 following a threat assessment from Denmark's Centre for Cyber Security (CFCS).

CFCS' threat assessment concluded that "the general cyber threat against the maritime sector is directed against commercial businesses and does not currently pose a direct threat to maritime operations". The likelihood of 'destructive cyber attacks' and cyber terrorism in the maritime sector is low, it said, particularly outside of conflict areas. 

"Terrorist groups have only shown a limited interest in the maritime sector. Also, terrorist groups lack the capabilities and resources to launch spectacular cyber-attacks against the maritime sector," the CFCS assessment said.

Cyber criminals and state-backed actors bent on espionage and blackmail present a far greater risk.

"It is assessed that states systematically use cyber espionage as a means to achieve industrial and business advantages and promote political and economic interests... In particular, there is a considerable threat from cyber criminals aiming to blackmail public authorities, businesses and individuals (ransomware)," the assessment found. 

"Networks of cyber criminals exist that are organised and work towards long-term objectives, and cyber-crimes are probably also committed by government-backed hackers."

The DMA also commissioned a risk and vulnerability analysis as part of its preparation for the cyber security strategy. Prepared by external consultants, the analysis took in data and dialogue from Denmark's maritime sector, involving the NATO-formed Danish Shipping Board and other public authorities. 

Those interviewed for the risk analysis said increased use of information technology (IT) on board vessels had driven up dependency on the systems for core maritime activities and the analysis found private sector maritime players take a 'broad approach' to cybersecurity.

According to the analysis, the biggest risks to the sector stem from a slow response to technical vulnerabilities, a 'technology gap' between IT systems and operational technology (OT) systems such as propulsion, a lack of procedures for ensuring software upgrades and the vulnerability of critical systems to targeted attack.

Consequences from the threats include data loss, data integrity loss, reputational damage and a pronounced risk of financial loss. 

MarineMec.com

You Might Also Read:

Optimising Maritime Cybersecurity:


 

 

 

« Financial Executives Are Out Of Touch With Cyber Threats
US Intelligence Chief Warns Of ‘ever more diverse’ Threats »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BaseN

BaseN

BaseN is a full stack IoT Operator. We control the full value chain in order to provide ultimate scalability, fault tolerance and security to our customers.

Uniscon

Uniscon

Uniscon is a leading provider of cloud security solutions in Europe.

Virsec Systems

Virsec Systems

Virsec detects and remediates previously “indefensible” advanced memory-based attacks on critical applications and server endpoints.

Khipu Networks

Khipu Networks

Khipu Networks is an award winning Cyber Security Company delivering a wide range of network, wireless and security solutions, technologies and services across multiple sectors.

GreyCortex

GreyCortex

GreyCortex uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

Hexnode MDM

Hexnode MDM

Hexnode MDM is an award winning Enterprise Mobility Management vendor which helps businesses to secure and manage BYOD, COPE, apps and content.

Snode Technologies

Snode Technologies

Snode's Guardian cybersecurity platform uses AI and machine learning to monitor, detect and proactively respond to all threats on every device within your network.

Voxility

Voxility

Voxility provides Infrastructure-as-a-Service in the biggest Internet hubs in the world.

Atakama

Atakama

With Atakama, data remains encrypted until the very moment it is used, and the ability to decrypt is based on zero trust architecture.

WithSecure

WithSecure

WithSecure (formerly F-Secure Business) is your reliable cyber security partner, providing outcome-based cyber security that protects and enables operations.

Mitigate Cyber

Mitigate Cyber

Mitigate Cyber (formerly Xyone Cyber Security) offer a range of cyber security solutions, from threat mitigation to penetration testing, training & much more.

UK Cyber Cluster Collaboration (UKC3)

UK Cyber Cluster Collaboration (UKC3)

UKC3 has been launched to support Cyber Clusters and encourage greater collaboration across regions and nations of the UK.

ELLIO Technology

ELLIO Technology

ELLIO Technology is a cybersecurity company that reduces alert overload, improves incident response, and helps security teams target serious attackers who pose a real threat.

ClearSky Cyber Security

ClearSky Cyber Security

ClearSky cyber security provides cyber solutions, focused on threat intelligence services, mainly for the financial sector, critical infrastructure, public sector and the pharma sector.

White Knight Labs

White Knight Labs

White Knight Labs is a cyber security consultancy that specializes in cybersecurity training.

NinjaOne

NinjaOne

The NinjaOne Platform was built to help IT and MSP teams efficiently manage, patch, and support all endpoints.