Maritime Cyber Attacks Quadruple

The Coronavirus pandemic is leaving the maritime and offshore energy sectors vulnerable to cyber-attack, with the maritime security firm Naval Dome citing a massive 400% increase in attempted hacks since February 2020. 

An increase in malware, ransomware and phishing emails exploiting the Covid19 crisis is the primary reason behind the spike. Naval Dome says that travel restrictions, social distancing measures and economic recession are beginning to bite into a company’s ability to sufficiently protect itself.

The global crisis and social distancing measures are preventing specialist maritime technicians flying out to ships and oil rigs to upgrade and service critical systems, resulting in operators circumventing established security protocols, leaving them open to attack.

IT and other maritime Operating systems (OT) are no longer segregated and individual endpoints, critical systems and components may become vulnerable. Some of these are legacy systems which have no security update patches and are even more vulnerable. 

The increase in specialist maritime security personnel working remotely on home networks and personal computers and WiFi routers just makes the problem worse.

The economic downturn and the drop in the price of crude oil is also having an effect, with oil companies and contractors being faced with limited budgets available to implement effective cyber security measures. The Mission to Seafarers has published a COVID-19 special issue of its Seafarer Happiness Index report, which shows a growing feeling of confusion from crew changing as the landscape shifts around them. According to the report, shore leave, which is already a problematic issue, has become even more difficult for seafarers as ports are locked down and there are fears of contracting the virus. 

Seafarers also reported feeling that not enough is being done to ensure the safety of those onboard and a feeling of loneliness, physical and mental exhaustion, and homesickness.

Shen Attacks
A report, written by the University of Cambridge Centre for Risk Studies last year, called the Shen Attack: Cyber risk in Asia Pacific Ports, says that a cyber attack on ports could cause substantial economic damage to a wide range of business sectors globally due to the inter-connectivity of the maritime supply chain. 

The combination of ageing shipping infrastructure and complex supply chains makes the shipping industry vulnerable to attack and consequentially huge losses. 

While the Shen attack is not a definitive forecast, it does highlight the need for vigilance in an industry that could be brought to its knees by a cyber event originating in Asia and spreading to Europe, America and the rest of the world. 

The report is the second publication from the Cyber Risk Management project, the Singapore-based public-private initiative that assesses cyber risks, of which Lloyd’s is one of the founding members. Shen Attack estimates that losses of up to $110 billion would occur in an extreme scenario in which a computer virus infects 15 ports. Transportation, aviation and aerospace sectors would be the most affected ($28.2 billion total economic losses), followed by manufacturing ($23.6 billion) and retail ($18.5 billion).  

Offshore Energy:       Splash247:        Hellenic Shipping News:      Digital Ship:     HSToday

You Might Also Read: 

New Guidelines For Maritime  Cyber Security:

 

« Managing Your Cyber Security, Detection & Response
Your Phone Is Spying On You »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CW Jobs

CW Jobs

CWJobs.co.uk is a leading specialist IT recruitment website covering all areas of IT including Cyber Security.

Synology

Synology

Synology provides high-performance, reliable, and secure Network Attached Storage (NAS) products.

Conix

Conix

Conix offerings include Governance and Risk Management, Auditing and Penetration Testing, Digital Forensics, Managed Security Operations Centre (SOC).

RedLock

RedLock

The RedLock Cloud 360TM platform correlates disparate security data sets to provide a unified view of risks across fragmented cloud environments.

MaskTech

MaskTech

MaskTech supplies highest security embedded chipsets, operating systems and related middleware for electronic identification cards, travel documents and authentication solutions.

GlassSquid

GlassSquid

glasssquid.io simplifies your cyber security job search. We want to help you find your next perfect fit opportunity by removing the confusion.

Smart Protection

Smart Protection

Smart Protection are experts in brand and trademark protection - we fight against counterfeits and unauthorized usages of brands with machine learning technology.

swIDCH

swIDCH

swIDch is a technology company that aims to eliminate CNP (card not present) Fraud.

Space ISAC

Space ISAC

Space ISAC is the only all-threats security information source for the public and private space sector.

Traced

Traced

At Traced, our aim is to redefine mobile cyber security to provide the best possible protection to everyone against breaches of privacy and security.

Protek International

Protek International

Protek International delivers world-class Digital Forensics, eDiscovery, Cyber Security, and related Advisory services.

Speedinvest

Speedinvest

Speedinvest is one of Europe’s most active early-stage investors with a focus on Deep Tech, Fintech, Industrial Tech, Network Effects, and Digital Health.

ramsac

ramsac

ramsac provide secure, resilient IT management, cybersecurity, 24 hour support and IT strategy to businesses in London and the South East.

Ibento Global

Ibento Global

Ibento organises the CyberX series of cybersecurity conferences.

Association of Azerbaijani Cyber Security Organizations (AKTA)

Association of Azerbaijani Cyber Security Organizations (AKTA)

The Association of Azerbaijani Cyber Security Organizations (AKTA) is a non-commercial organization aimed at strengthening the country's cybersecurity system.

Jot Digital

Jot Digital

Jot Digital is a full-service technology company specializing in digital engineering, application modernization and business transformation.