Maritime Cyber Attacks Quadruple

Uploaded on 2020-06-17 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

The Coronavirus pandemic is leaving the maritime and offshore energy sectors vulnerable to cyber-attack, with the maritime security firm Naval Dome citing a massive 400% increase in attempted hacks since February 2020. 

An increase in malware, ransomware and phishing emails exploiting the Covid19 crisis is the primary reason behind the spike. Naval Dome says that travel restrictions, social distancing measures and economic recession are beginning to bite into a company’s ability to sufficiently protect itself.

The global crisis and social distancing measures are preventing specialist maritime technicians flying out to ships and oil rigs to upgrade and service critical systems, resulting in operators circumventing established security protocols, leaving them open to attack.

IT and other maritime Operating systems (OT) are no longer segregated and individual endpoints, critical systems and components may become vulnerable. Some of these are legacy systems which have no security update patches and are even more vulnerable. 

The increase in specialist maritime security personnel working remotely on home networks and personal computers and WiFi routers just makes the problem worse.

The economic downturn and the drop in the price of crude oil is also having an effect, with oil companies and contractors being faced with limited budgets available to implement effective cyber security measures. The Mission to Seafarers has published a COVID-19 special issue of its Seafarer Happiness Index report, which shows a growing feeling of confusion from crew changing as the landscape shifts around them. According to the report, shore leave, which is already a problematic issue, has become even more difficult for seafarers as ports are locked down and there are fears of contracting the virus. 

Seafarers also reported feeling that not enough is being done to ensure the safety of those onboard and a feeling of loneliness, physical and mental exhaustion, and homesickness.

Shen Attacks
A report, written by the University of Cambridge Centre for Risk Studies last year, called the Shen Attack: Cyber risk in Asia Pacific Ports, says that a cyber attack on ports could cause substantial economic damage to a wide range of business sectors globally due to the inter-connectivity of the maritime supply chain. 

The combination of ageing shipping infrastructure and complex supply chains makes the shipping industry vulnerable to attack and consequentially huge losses. 

While the Shen attack is not a definitive forecast, it does highlight the need for vigilance in an industry that could be brought to its knees by a cyber event originating in Asia and spreading to Europe, America and the rest of the world. 

The report is the second publication from the Cyber Risk Management project, the Singapore-based public-private initiative that assesses cyber risks, of which Lloyd’s is one of the founding members. Shen Attack estimates that losses of up to $110 billion would occur in an extreme scenario in which a computer virus infects 15 ports. Transportation, aviation and aerospace sectors would be the most affected ($28.2 billion total economic losses), followed by manufacturing ($23.6 billion) and retail ($18.5 billion).  

Offshore Energy:       Splash247:        Hellenic Shipping News:      Digital Ship:     HSToday

You Might Also Read: 

New Guidelines For Maritime  Cyber Security:

 

« Managing Your Cyber Security, Detection & Response
Your Phone Is Spying On You »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

4Secure

4Secure

For over two decades, 4Secure has specialised in cyber security consultancy, safeguarding the worlds critical Infrastructure through securely bridging air gapped networks.

Digitus Biometrics

Digitus Biometrics

Digitus Biometrics is a market leader in biometric access control. We can secure access to any entry point, from the front door to the server rack cabinet.

Plixer

Plixer

Plixer delivers a network traffic analytics system used for monitoring, visualization, and reporting of network and security incidents.

Semperis

Semperis

Semperis is an enterprise identity protection company that enables organizations to quickly recover from accidental or malicious changes and disasters that compromise Active Directory.

SEWORKS

SEWORKS

SEWORKS provides offensive and defensive app security that ensures mobile and web apps are safe from dangerous hacking threats.

CyberTech Network

CyberTech Network

CyberTECH is a global cybersecurity, Internet of Things (IoT) and Smart City network ecosystem and incubator operator.

Segusoft

Segusoft

With its encryption platform SEGULINK, Segusoft provides standard software for companies to securely transfer files and messages.

Canadian Institute for Cybersecurity (CIC)

Canadian Institute for Cybersecurity (CIC)

The Canadian Institute for Cybersecurity (CIC) is a comprehensive multidisciplinary training, research and development, and entrepreneurial unit.

Cycode

Cycode

Cycode is the industry’s first source code control, detection, and response platform.

ACA Group

ACA Group

ACA Group are a leading governance, risk, and compliance (GRC) advisor in financial services.

Robo Shadow

Robo Shadow

Robo Shadow are trying to bridge the gap between the top tier organisations that can afford everything and everyone else who has to “Make it up as they go along” when it comes to Cyber.

Matrium Technologies

Matrium Technologies

Matrium Technologies has been a leading provider of technology solutions since 1991, with a strong industry background in Network Testing, Network Visibility and Security.

Moss Adams

Moss Adams

Moss Adams is a fully integrated professional services firm dedicated to assisting clients with growing, managing, and protecting prosperity.

CoreStack

CoreStack

CoreStack helps enterprises overcome cloud challenges such as ever growing security risks, stringent regulatory compliance needs and operational complexities.

NETAND

NETAND

NETAND privileged access and identity management solutions will secure your business from cyber threats.

TeamT5

TeamT5

TeamT5 Inc. is a leading cybersecurity company dedicated to cyber threat research and solutions.