Ever Increasing Attacks On Maritime Ports & Systems

Uploaded on 2021-10-13 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

The cyber threat to the maritime industry is real, significant and frequently taking place. Attacks on the maritime industry’s operational technology systems have increased by 900% over the last three years with the number of reported incidents set to reach record volumes by year end. 

Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly has revealed to a Senate committee that malicious hackers targeted the Port of Huston in August.

Houston is a 25-mile-long port complex is one of the largest on the US Gulf Coast and handles around 247 million tons of cargo per year. Threat actors installed malicious code to expand their access to the system and then exfiltrated all the login credentials held in Microsoft password management software used to control network access.  Authorities believe the attack was sponsored by a foreign power.

Cyber attacks on port systems are no longer considered hypothetical and preparations in case of a cyber breach make people far more likely to act correctly if a breach takes place. However, a cyber attack scenario on a container ship calling at a port illustrates two facts:-

  • There are a large number of contracts between the various parties involved.
  • The answers to the legal questions surrounding cyber attacks remains untested and usually uncertain.  

The maritime shipping industry has grown more alert to cyber risk particularly in the wake of the 2017 NotPetya malware attack that crippled ports, terminals and cargo handling operations.  

In June 2017 the Maersk shipping company was hit by a cyber attack. The NotPetya virus entered Maersk’s systems through a widely used piece of tax accounting software in Ukraine. Maersk was not the intended target for the attack, but the consequences for the company were very real. The virus spread through the company globally and made all their applications and data unavailable for several days. Worldwide operations, including its Rotterdam terminal, were seriously affected, with losses in the region of $200-300million.  

NotPetya could attack the Maersk global network because it was loaded onto one unpatched computer operating in a single local office connected to the global network. The incident shows the vulnerability of everyone to cyber attacks and you do not have to be the intended victim to be badly affected.

Maersk could recover relatively quickly because it recognised that resilience and recovery processes are as important as trying to prevent an attack. Being able to recover all your systems and data from secure backups within hours of an attack will protect your business from potentially serious financial and reputational damage. 

In other cyber security incidents, port assets have been infected with malware and there has been unintentional jamming or interference with wireless networks.

There are some important things for port authorities and operators  to consider: 

  • Do you operate or occupy a port or port facility that has electronic or computer-based systems? 
  • If the port systems were to fail, malfunction or were misused, would this result in economic,  operational, physical or reputational loss or damage, or disrupt operations? 
  • Do you own an information asset that includes information about your strategy or commercial operations, either the construction or the operation of your port or port facility, including any port systems? 
  • If this information asset were compromised, could this result in economic, operational, physical or reputational loss or damage? 

If your answer to any of the above questions is ‘yes’, then the updated British  Code of Practice Cyber Security for Ports and Port Systems) is essential reading to determine who in your organisation needs to take action. 

The Belgian Port of Antwerp has recently carried out unique trials involving a ‘fixed-wing’ drone providing images of realistic incident scenarios. The port of Antwerp is over 120 km in size and forms part of Belgium’s critical infrastructure. Thanks to the unique views they provide from the air, drones can make a significant contribution to overall safety within this complex environment. 

Cyber security is not just about preventing hackers gaining access to systems and information. It also addresses the maintenance, integrity, confidentiality and availability of information and systems, ensuring business continuity and the continuing utility of cyber assets.

When designing port systems or when supporting operational processes, port operators need to consider how to protect systems from both physical attack, malicious online attacks and the ever present insider threat from their own employees.

GovUK / IET:      Insurance Marine News:      Infosecurity Magazine:     Port of Houston:     I-HLS:

You Might Also Read:

Outdated Strategies In Maritime Cyber Security:

« The Many Dangers Of WFH
Russia's Criminal Hackers »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Frazer-Nash Consultancy

Frazer-Nash Consultancy

Frazer-Nash is a leading engineering, systems and technology company. Areas of expertise include information security and cyber security.

Information Security Systems (ISSCOM)

Information Security Systems (ISSCOM)

ISSCOM provide services to help companies implement Information Security Management Systems (ISMS) by providing consultancy and hands-on assistance.

XenArmor

XenArmor

XenArmor products include NetCertScanner, an enterprise software to scan & manage expired SSL Certificates on your local network or internet.

International Telecommunication Union (ITU)

International Telecommunication Union (ITU)

ITU is the United Nations specialized agency for information and communication technologies – ICTs. Areas of activity include cybersecurity.

IT Security House

IT Security House

IT Security House is a leading European supplier of Cyber Security Intelligence and eCrime services.

Lawley Insurance

Lawley Insurance

Lawley is a full-service, independent insurance agency. Specialty insurance products include Cyber Security.

Wind River

Wind River

Wind River delivers the technology and expertise that enables the deployment of safe, secure, and reliable intelligent connected systems.

Magtech Solutions

Magtech Solutions

Magtech Solutions is a one-stop IT Solutions provider offering Cloud Computing, IT Security, Unified Email Solutions and ERP systems.

QI ANXIN Technology Group

QI ANXIN Technology Group

QI ANXIN specializes in serving the cybersecurity market by offering next generation enterprise-class cybersecurity products and services to government and businesses.

Stratum Security

Stratum Security

Stratum Security is an information security consulting company that focuses on providing clear and concise risk guidance to its clients through high quality assessment services.

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Financial Services Information Sharing and Analysis Center (FS-ISAC)

The Financial Services Information Sharing and Analysis Center is the only global cyber intelligence sharing community solely focused on financial services.

Prelude Research

Prelude Research

Prelude offer the first autonomous platform built to attack, defend and train critical assets through continuous red-teaming.

CyberloQ Technologies

CyberloQ Technologies

CyberloQ Secure is a cybersecurity solution that enables clients to implement highly robust Multi-Factor Authentication (MFA) that includes client-defined location-based geofencing constraints.

UberEther

UberEther

UberEther are a dedicated group of software developers and consultants developing and deploying the next generation of identity management and cloud solutions.

Upwind Security

Upwind Security

Upwind delivers comprehensive cloud security, precisely when and where it’s most critical.

Konsulko Group

Konsulko Group

Konsulko Group offers embedded Linux software and hardware development and Yocto Project services.