UN Maritime Shipping Agency Forced Offline

The United Nations (UN) agency for international maritime shipping came under a cyber-attack early in October which took a number of services offline and there is speculation that the incident was a ransomware attack.

The International Maritime Organisation (IMO) is responsible for the regulation, safety and security of global shipping. It  has now revealedhat its website was “undergoing some technical issues.” It admitted a day later that these had actually been caused by malicious actors.

In an announcement, the IMO said its Global Integrated Shipping Information Systems (GISIS) database, document repository IMODOCS, and its Virtual Publications service had been affected by the attack but were now restored.  The organisation’s email and virtual meeting platforms were unaffected.

The IMO said restoration of the other unnamed services affected by the attack would take place “as soon as possible and as safe as possible....The interruption of web-based services was caused by a sophisticated cyber-attack against the organization’s IT systems that overcame robust security measures in place. IMO has ISO/IEC 27001:2013 certification for its information security management system. IMO was the first UN organisation to get this certification in 2015,” the IMO explained.

The IMO headquarters file servers are located in the UK, with extensive backup systems in Geneva. The backup and restore system is regularly tested. Following the attack, the secretariat shut down key systems to prevent further damage from the attack.

The  French maritime shipping giant CMA CGM had a similar outage after a breach at its Chinese offices which knocked out some servers and applications.

IMO:     Infosecurity Magazine:      MyTechDecsions:  

You Might Also Read:

Cyber Security Deadline For Mariners:

 

« Protecting The Security Of Australian Universities
IBM Restructures To Concentrate On The Cloud »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Bsquare

Bsquare

Bsquare DataV software and engineering services help enterprises implement business-focused Internet of Things systems.

Fastpath Solutions

Fastpath Solutions

Fastpath deliver software solutions that enable you to take control of your security, compliance and risk management initiatives.

PrimaTech

PrimaTech

PrimaTech provide process safety, cyber and process security, and risk management consulting, training and software for the process industries.

Cyberwrite

Cyberwrite

Cyberwrite was founded to provide underwriters around the world a unique and innovative Cyber Underwriting platform.

OneWelcome

OneWelcome

Onegini and iWelcome have merged to become OneWelcome, the largest European Identity Access Management Saas Vendor.

Armorblox

Armorblox

Armorblox stops targeted email attacks such as 0-day credential phishing, payroll fraud, vendor fraud, and other threats that get past legacy security controls.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Finosec

Finosec

Finosec's mission is to change the way information security and cybersecurity are managed in banking.

DataDog

DataDog

DataDog provides Cloud-native Security Monitoring. Real-time threat detection across your applications, network, and infrastructure.

Redwall Technologies

Redwall Technologies

Redwall provides cybersecurity expertise and technology to prevent and respond to emerging threats against mobile applications and connected infrastructures.

Illuma Labs

Illuma Labs

Illuma Labs delivers real-time voice authentication and fraud prevention solutions.

The ATOM Group

The ATOM Group

ATOM builds and secures technology for regulated industries. We design and build for a future we can all trust.

Cybergroot

Cybergroot

Cybergroot provides Cybersecurity Assessment services and professional Information Security trainings.

Trackd

Trackd

At trackd, we’re re-imaging vulnerability remediation for the benefit of the entire cyber security community. Automating Vulnerability Remediation without the Fear of Disruption.

CAT Labs

CAT Labs

CAT Labs is building digital asset recovery and cybersecurity tools to enable governments to fight crypto crime and to protect investors from hacks, fraud and scams.

Gcore

Gcore

Gcore is an international leader in public cloud and edge computing, content delivery, hosting, and security solutions.