Cyber-Attacks On Maritime Oil Tankers

Four tankers have been attacked outside the strategically important Strait of Hormuz between the Persian Gulf and the Gulf of Oman. The vital waterway  provides the only sea passage from the Persian Gulf to the open ocean and is one of the world's most strategically important choke points. 

Local reports suggest the attackers jammed GPS to prevent the ships from evading attack. The oil tankers were all operating near the bunkering port of Fujairah located in the United Arab Emirates and the attacks took place over the weekend of 11th and 12th of May.

In a separete incident, two pump stations on Saudi Arabia’s most strategically important pipeline “were attacked by armed drones” causing a fire that was soon extinguished. Saudi Arabia’s energy minister, Khalid al-Falih, in a statement, called it “terrorism and sabotage"

Indications are that these incidents could develop to include cyber-attacks on vessels operating in the region.

Itai Sela, a former senior officer in the Israeli military and CEO of maritime cybersecurity firm Naval Dome commented:

“It is highly likely that vessels operating in high-risk areas could be targeted, systems hacked and GPS spoofed in order to render vessels immobile or re-directed as part of wider actions. There has been increased activity in the cyber domain over the last few months, which is very worrying.

"Shipowners with operations in the area must be vigilant and carry out inspections of all their PC-based navigation and machinery control systems. Ship operators should not allow crew members or technicians to plug-in USBs or external devices onboard or download maps and charts for specific areas, unless they absolutely need to do so. We also advised that operators check their insurance policies to ensure that OT systems are covered in the event of any cyber damage.”

A Saudi government statement blamed the Iranian-backed Houthis engaged in the civil war with the Saudi-backed government in Yemen. Iranian proxies are also fingered for the recent barrage of rockets and cyber attacks on Israel from Hamas-run Gaza..

US national security advisor John Bolton warned of “troubling and escalatory indications and warnings” regarding Iran.

Forbes:     Naval Dome:

You Might Also Read: 

Has President Trump Lost The Cyber Plot?

The Maritime Shipping Industry Should Be On Red Alert:

 

« Britain To Initiate Online “Porn Ban’
G7 To Simulate Cross-Border Cyber Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Stratogent

Stratogent

Stratogent is a custom managed services organization based in San Mateo, California. We design, implement and support mission critical infrastructure

Kanda

Kanda

Kanda offer software development and full cycle quality assurance and application testing services.

Accolade Technology

Accolade Technology

Accolade provides the most technologically advanced host cpu offload, 100% packet capture FPGA-based PCIe adapters and 1U platforms available in the network monitoring and cyber security markets.

GuardSquare

GuardSquare

GuardSquare is the global reference in mobile application protection. We develop premium software for the protection of mobile applications against reverse engineering and hacking.

Vdoo

Vdoo

Vdoo provides an end-to-end product security platform for automating all software security tasks throughout the entire product lifecycle.

ES2

ES2

ES2 is a consulting organisation specialising in Enterprise Security and Solutions Services.

Bl4ckswan

Bl4ckswan

Bl4ckswan is a Management Consulting firm specialized in the delivery of information security and compliance services.

Intercast Global

Intercast Global

Intercast's mission is to be a strategic resource to our clients in Risk Reduction. We are a global leader in cyber security staffing and consulting to the enterprise.

Fairfirst Insurance

Fairfirst Insurance

Fairfirst Cyber Insurance protects your business assets against the complexity of cyber threats.

Sylint

Sylint

Sylint is an internationally recognized cyber security and digital data forensics firm with extensive experience discretely addressing some of today’s biggest cyber breaches.

AEWIN Technologies

AEWIN Technologies

AEWIN is professional in the fields of Network Appliance, Cyber Security, Server, Edge Computing and an ODM/OEM expert.

xorlab

xorlab

xorlab is a Swiss cybersecurity company providing specialized, machine-intelligent defense against highly engineered, sophisticated and targeted email attacks.

BitTrap

BitTrap

BitTrap helps companies worldwide detect attackers and put an early end to breaches, preventing data exfiltration and ransomware altogether.

Zilla Security

Zilla Security

Zilla combines identity governance with cloud security to deliver comprehensive access visibility, reviews, lifecycle management, and policy-based security remediation.

Obscure Technologies

Obscure Technologies

Obscure Technologies is a firm of experts, specialised in brokering the best security solutions to market.

Silk Security

Silk Security

Silk is the first platform that enables enterprises to take a strategic, sustainable approach to resolving code, infrastructure and application risk.