Last month maritime trend news June 08, 2023 - July 05, 2023
|
|
|
Maritime Cybersecurity News by DSLABcompany |
|
|
ArticleShipping industry expects cyber-attack deaths, collisions, and groundings
Maritime cyber security needs more investment, better regulation, and sharing of incident experiences, according to a DNV report. DNV published “Maritime Cyber Priority 2023,” a 29-page report from DNV which includes results from a survey of 801 maritime professionals covering the perceived threats, preparedness and challenges related to cyber security. Respondents painted a bleak picture of the threat from cyber-attacks to the maritime industries, with 90% of respondents expecting disruption of ship/fleet operations from cyber incidents, 79% expecting theft of property/cargo, 76% expecting damage to port/cargo handling infrastructure and 72% expecting harm to the environment. “According to our research, more than six in 10 industry professionals expect cyber-attacks to cause ship collisions (60%) and groundings (68%) within the next few years. More than three-quarters (76%) believe a cyber incident is likely to force the closure of a strategic waterway,” said the report.
|
|
|
ArticleTime to Take a New Approach to Maritime Cybersecurity
Cyber security within the maritime space offers both challenges and opportunities. Both are reasonably apparent to anyone operating in the maritime sector, but some are more serious than others – for example, high costs, a lack of available resources, inconsistent guidance, and an unclear way ahead. However, this opinion piece is more about the opportunities presented and the first step along that journey. The first step begins in the supply chain and its gradual digitalization. Traditionally, the transportation sector has been divided according to its infrastructure. Trucking, rail, and maritime sectors have been treated within their own regulatory domains. The result has been a patchwork of imperfectly connected subsystems. The opportunity becomes clear when we consider the transportation network to which each of these modes belongs. The transportation network and the supply chain are nearly synonymous. The supply chain converts raw products into a final product through a journey that ultimately ends with the customer. This involves activities such as collection, processing, manufacturing, or assembly at specific nodes and then movement to the next phase until the consumer or client ultimately receives the product.
|
|
|
|
The majority of maritime professionals expect cyber attacks to disrupt ship operations in the coming years, with more than three quarters believing an incident is likely to force the closure of a strategic waterway. A survey of 801 industry professionals by class society DNV found that more than half also expect cyber incidents to cause ship collisions, groundings, and even result in physical injury or death. Although the maritime industry has focused on improving IT security in recent decades, DNV said the security of operational technology (OT), which manages, monitors, controls, and automates physical assets such as sensors, switches, safety and navigation systems, and vessels, is a more recent and increasingly urgent risk. Three-quarters of those surveyed believe that OT security is a significantly higher priority for their organisation than it was just two years ago; however, just one in three in the industry are confident that their organization’s OT cyber security is as strong as its IT security. “The maritime industry is still thinking IT in an era of connected systems and assets,” said Svante Einarsson, head of maritime cyber security advisory at DNV. “With ship systems being increasingly interconnected with the outside world, cyber attacks on OT are likely to have a bigger impact in the future.” According to DNV’s analysis, while the age of connection brings new threats, it also brings new opportunities. Almost all maritime professionals agreed the future of the industry relies on an increase in connected networks, and that connected technologies are helping the industry reduce emissions. |
|
|
OpinionOp-Ed: Protecting vessels against phishing and malware intrusion
In 2019, the Coast Guard reported that a deep draft vessel on an international voyage experienced a significant cyber incident that impacted its shipboard network just as it was entering the Port of New York and New Jersey. And last month (May 2023), the Coast Guard advised of active email phishing and malware intrusion attempts that targeted commercial vessels. The release highlighted that cybercriminals are attempting to gain sensitive information, including the content of an official Notice of Arrival, using phishing email addresses with a sender posing as an official Port State Control (PSC) authority. The Coast Guard also reported that in some cases the criminals have attempted to install malicious software designed to disrupt shipboard computer systems. In today’s information-heavy world, malicious actors can easily leverage openly available ship and ship operator information to create apparently legitimate phishing emails. They then use the data to design campaigns that threaten ship control and safety and even redirect money transfers (known as business email compromise) |
|
|
The website of the port of Rotterdam was targeted in a cyberattack blamed on Russia-aligned hackers last week. Several Dutch ports including Amsterdam and Groningen also faced distributed-denial-of-service attacks, known as DDoS, according to port authorities. The port of Rotterdam received information from the Dutch National Cyber Security Center that pro-Russian groups were responsible for the attack, a spokesperson said by phone. Dutch news outlet RTL, which first reported the incidents, said a hacker group it called “NoName057(16)” claimed the attacks were a response to the Netherlands’s plans to buy Swiss tanks for Ukraine. Earlier this year, intelligence agencies warned the Dutch maritime infrastructure faces the threat of sabotage from Russia. While the port of Amsterdam’s website didn’t work for over an hour on June 6, Groningen Seaports experienced online disruption lasting two days. The ports didn’t pay any ransom to the attackers and no data was stolen, said the spokespeople. The attacks were carried out from Russian and Serbian IP addresses, according to information the port of Rotterdam received from its service provider, the spokesperson said.
|
|
|
|
Several shipping and logistics websites in Israel were hacked to gather information about their users, according to a report by Tel Aviv-based cybersecurity company ClearSky. The company attributes these attacks “with a low confidence” to the Iranian nation-state hacker group Tortoiseshell, also called TA456 and Imperial Kitten. The threat actor has been active since at least July 2018. The hacking campaign targeted at least eight Israeli websites — including shipping company SNY Cargo, logistics firm Depolog and restaurant equipment supplier SZM — with a watering hole attack. Most websites were already cleared of the malicious code as of April 18, ClearSky said. Watering hole attacks have been used by Iranian hackers since 2017, according to ClearSky researchers. Last year, for example, a suspected Iranian threat actor tracked by Mandiant as UNC3890 used this method to target shipping, healthcare, government, and energy companies in Israel. In the recent attack, hackers used malicious JavaScript. The collected data includes the user's IP address, screen resolution and the URL of the previously visited webpage.. The hackers also tried to determine the user’s computer language preference to customize their attacks in the future, ClearSky said The majority of the compromised websites were using the uPress hosting service, which was targeted in 2020 by the Iranian group Emennet Pasargad. Thousands of Israeli sites were defaced as a result. |
|
|
info@dslabcompany.com
Samsung IT Harrington Tower 716, Geumcheon-Gu Digital-Ro 9 Gil, Seoul(08511) |
|
|
|
