Maritime Cyber Attacks Quadruple

Uploaded on 2020-06-17 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

The Coronavirus pandemic is leaving the maritime and offshore energy sectors vulnerable to cyber-attack, with the maritime security firm Naval Dome citing a massive 400% increase in attempted hacks since February 2020. 

An increase in malware, ransomware and phishing emails exploiting the Covid19 crisis is the primary reason behind the spike. Naval Dome says that travel restrictions, social distancing measures and economic recession are beginning to bite into a company’s ability to sufficiently protect itself.

The global crisis and social distancing measures are preventing specialist maritime technicians flying out to ships and oil rigs to upgrade and service critical systems, resulting in operators circumventing established security protocols, leaving them open to attack.

IT and other maritime Operating systems (OT) are no longer segregated and individual endpoints, critical systems and components may become vulnerable. Some of these are legacy systems which have no security update patches and are even more vulnerable. 

The increase in specialist maritime security personnel working remotely on home networks and personal computers and WiFi routers just makes the problem worse.

The economic downturn and the drop in the price of crude oil is also having an effect, with oil companies and contractors being faced with limited budgets available to implement effective cyber security measures. The Mission to Seafarers has published a COVID-19 special issue of its Seafarer Happiness Index report, which shows a growing feeling of confusion from crew changing as the landscape shifts around them. According to the report, shore leave, which is already a problematic issue, has become even more difficult for seafarers as ports are locked down and there are fears of contracting the virus. 

Seafarers also reported feeling that not enough is being done to ensure the safety of those onboard and a feeling of loneliness, physical and mental exhaustion, and homesickness.

Shen Attacks
A report, written by the University of Cambridge Centre for Risk Studies last year, called the Shen Attack: Cyber risk in Asia Pacific Ports, says that a cyber attack on ports could cause substantial economic damage to a wide range of business sectors globally due to the inter-connectivity of the maritime supply chain. 

The combination of ageing shipping infrastructure and complex supply chains makes the shipping industry vulnerable to attack and consequentially huge losses. 

While the Shen attack is not a definitive forecast, it does highlight the need for vigilance in an industry that could be brought to its knees by a cyber event originating in Asia and spreading to Europe, America and the rest of the world. 

The report is the second publication from the Cyber Risk Management project, the Singapore-based public-private initiative that assesses cyber risks, of which Lloyd’s is one of the founding members. Shen Attack estimates that losses of up to $110 billion would occur in an extreme scenario in which a computer virus infects 15 ports. Transportation, aviation and aerospace sectors would be the most affected ($28.2 billion total economic losses), followed by manufacturing ($23.6 billion) and retail ($18.5 billion).  

Offshore Energy:       Splash247:        Hellenic Shipping News:      Digital Ship:     HSToday

You Might Also Read: 

New Guidelines For Maritime  Cyber Security:

 

« Managing Your Cyber Security, Detection & Response
Your Phone Is Spying On You »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ActiveCyber

ActiveCyber

ActiveCyber is a source for news, reviews, learning, and technological innovation in the active cyber defense industry.

Quick Heal Technologies

Quick Heal Technologies

Quick Heal Technologies is a leading IT security solutions provider focused on endpoint and network security solutions.

Trapezoid

Trapezoid

Trapezoid is a cybersecurity company developing Firmware Integrity Management solutions designed to detect unauthorized changes to firmware & BIOS across the entire data center infrastructure.

Idaho National Laboratory (INL)

Idaho National Laboratory (INL)

INL is an applied engineering laboratory dedicated to supporting the US Dept of Energy's missions in energy research, nuclear science and national defense including critical infrastructure protection.

Momentum Cyber

Momentum Cyber

Momentum Cyber provides world-class M&A and strategic advice combined with unparalleled senior-level access to the Cybersecurity ecosystem.

Centro de Gestion de Incidentes Informaticos (CGII)

Centro de Gestion de Incidentes Informaticos (CGII)

CGII is the Computer Incident Management Center of the State of Bolivia.

AimBrain

AimBrain

AimBrain tools detect and prevent fraud, faster and more accurately than ever before.

DeuZert

DeuZert

DeuZert is an accredited German certification body in accordance with ISO/IEC 27001 (Information Security Management).

Apozy

Apozy

Apozy replaces a secure web gateway to nullify phishing, malware and impersonation attacks.

AXELOS

AXELOS

AXELOS develops best practice frameworks and methodologies used globally by professionals working primarily in IT management and cyber resilience.

SurePassID

SurePassID

SurePassID is a provider of highly secure, highly extensible multi-factor authentication (MFA) solutions.

Stacklet

Stacklet

Stacklet provides cloud governance as code platform that accelerates how Global 2000 manages its security, asset visibility, operations, and cost optimization policies in the cloud.

Metmox

Metmox

Metmox mission is to be trusted advisor and partner to protect our customer’s evolving Cloud, Network, Application, IT infrastructure and cybersecurity needs.

PureSquare

PureSquare

PureSquare exist to empower people with simple solutions for their increasingly complex digital security & online privacy needs.

The Cyber Scheme

The Cyber Scheme

The Cyber Scheme provides NCSC certified and assured assessments, training and career support for security testers & technical cyber professionals.

LT Harper

LT Harper

LT Harper specialise in cyber security recruitment. We believe in providing an individualised service to our customers whether they are looking for a new opportunity or to hire talent.