Denmark's Maritime Cybersecurity Plan Highlights Financial Threats

Uploaded on 2019-01-30 in FREE TO VIEW, BUSINESS-Services-Transport & Travel, NEWS-News Analysis

A new cybersecurity strategy for Denmark has classified financial threats to the maritime sector from cyber criminals and 'government-backed hackers' using ransomware as 'very high' but cyber terrorism threats as low. 

The Danish Maritime Authority (DMA) published its Cyber and Information Security Strategy for the Maritime Sector 2019-2022 following a threat assessment from Denmark's Centre for Cyber Security (CFCS).

CFCS' threat assessment concluded that "the general cyber threat against the maritime sector is directed against commercial businesses and does not currently pose a direct threat to maritime operations". The likelihood of 'destructive cyber attacks' and cyber terrorism in the maritime sector is low, it said, particularly outside of conflict areas. 

"Terrorist groups have only shown a limited interest in the maritime sector. Also, terrorist groups lack the capabilities and resources to launch spectacular cyber-attacks against the maritime sector," the CFCS assessment said.

Cyber criminals and state-backed actors bent on espionage and blackmail present a far greater risk.

"It is assessed that states systematically use cyber espionage as a means to achieve industrial and business advantages and promote political and economic interests... In particular, there is a considerable threat from cyber criminals aiming to blackmail public authorities, businesses and individuals (ransomware)," the assessment found. 

"Networks of cyber criminals exist that are organised and work towards long-term objectives, and cyber-crimes are probably also committed by government-backed hackers."

The DMA also commissioned a risk and vulnerability analysis as part of its preparation for the cyber security strategy. Prepared by external consultants, the analysis took in data and dialogue from Denmark's maritime sector, involving the NATO-formed Danish Shipping Board and other public authorities. 

Those interviewed for the risk analysis said increased use of information technology (IT) on board vessels had driven up dependency on the systems for core maritime activities and the analysis found private sector maritime players take a 'broad approach' to cybersecurity.

According to the analysis, the biggest risks to the sector stem from a slow response to technical vulnerabilities, a 'technology gap' between IT systems and operational technology (OT) systems such as propulsion, a lack of procedures for ensuring software upgrades and the vulnerability of critical systems to targeted attack.

Consequences from the threats include data loss, data integrity loss, reputational damage and a pronounced risk of financial loss. 

MarineMec.com

You Might Also Read:

Optimising Maritime Cybersecurity:


 

 

 

« Financial Executives Are Out Of Touch With Cyber Threats
US Intelligence Chief Warns Of ‘ever more diverse’ Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Sapphire

Sapphire

Sapphire deliver flexible and scalable cybersecurity solutions, helping organisations to detect, protect, respond and remediate against cyber threats.

Daon

Daon

Daon offers a universal biometric authentication platform for mobile devices.

Engage Black

Engage Black

Engage Black provides solutions for securing and protecting cryptographic keys, data at rest, and data in motion.

Wayra UK

Wayra UK

Wayra UK, part of Telefónica Open Future, has been chosen to run a new cyber accelerator facility to help UK start-ups grow and take the lead in producing the next generation of cyber security systems

Hornetsecurity

Hornetsecurity

Meet Hornetsecurity – Leading Cloud Email Security Provider. We protect global organizations so you can focus on what you do best.

SCADASUDO

SCADASUDO

SCADASUDO is a cyber solution architecture and design office, established by leading experts in the field of OT (Industrial control) and IT (information Technology).

Cybertonica

Cybertonica

Cybertonica is a FinTech company which detects and prevents fraudulent transactions and reduces risk for financial services organisations.

Intrinium

Intrinium

Intrinium is an Information Technology and Security Solutions company, providing comprehensive consulting and managed services to businesses of all sizes.

River Loop Security

River Loop Security

River Loop Security specialize in solving complex cybersecurity challenges in the IoT and embedded devices space.

TRU Staffing Partners

TRU Staffing Partners

TRU Staffing Partners is an award-winning contract staffing and executive search firm for cybersecurity, eDiscovery and privacy companies and professionals.

SnapAttack

SnapAttack

SnapAttack is a collaborative platform that empowers your security team to stay ahead of threats, create robust behavioral analytics for your existing tools, and prove your program's effectiveness.

6clicks

6clicks

6clicks is an easy way to implement your risk and compliance program or achieve compliance with ISO 27001, SOC 2, PCI-DSS, HIPAA, NIST, FedRAMP and many other standards.

Stronghold Cyber Security

Stronghold Cyber Security

Stronghold Cyber Security is a consulting company that specializes in NIST 800, the Cybersecurity Framework and the Cybersecurity Maturity Model Certification.

META-Cyber

META-Cyber

META-cyber was founded by engineers with experience in process and control-protection to provide cyber security for industrial infrastructure.

Acora

Acora

Acora provide a range of best-in-class managed services, Microsoft-centric business software, and cloud solutions designed to help mid-market organisations succeed in the digital economy.

Cisco Systems

Cisco Systems

Cisco helps seize the opportunities of tomorrow by proving that amazing things can happen when you connect the unconnected.