Maritime Cyber Attacks Quadruple

Uploaded on 2020-06-17 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

The Coronavirus pandemic is leaving the maritime and offshore energy sectors vulnerable to cyber-attack, with the maritime security firm Naval Dome citing a massive 400% increase in attempted hacks since February 2020. 

An increase in malware, ransomware and phishing emails exploiting the Covid19 crisis is the primary reason behind the spike. Naval Dome says that travel restrictions, social distancing measures and economic recession are beginning to bite into a company’s ability to sufficiently protect itself.

The global crisis and social distancing measures are preventing specialist maritime technicians flying out to ships and oil rigs to upgrade and service critical systems, resulting in operators circumventing established security protocols, leaving them open to attack.

IT and other maritime Operating systems (OT) are no longer segregated and individual endpoints, critical systems and components may become vulnerable. Some of these are legacy systems which have no security update patches and are even more vulnerable. 

The increase in specialist maritime security personnel working remotely on home networks and personal computers and WiFi routers just makes the problem worse.

The economic downturn and the drop in the price of crude oil is also having an effect, with oil companies and contractors being faced with limited budgets available to implement effective cyber security measures. The Mission to Seafarers has published a COVID-19 special issue of its Seafarer Happiness Index report, which shows a growing feeling of confusion from crew changing as the landscape shifts around them. According to the report, shore leave, which is already a problematic issue, has become even more difficult for seafarers as ports are locked down and there are fears of contracting the virus. 

Seafarers also reported feeling that not enough is being done to ensure the safety of those onboard and a feeling of loneliness, physical and mental exhaustion, and homesickness.

Shen Attacks
A report, written by the University of Cambridge Centre for Risk Studies last year, called the Shen Attack: Cyber risk in Asia Pacific Ports, says that a cyber attack on ports could cause substantial economic damage to a wide range of business sectors globally due to the inter-connectivity of the maritime supply chain. 

The combination of ageing shipping infrastructure and complex supply chains makes the shipping industry vulnerable to attack and consequentially huge losses. 

While the Shen attack is not a definitive forecast, it does highlight the need for vigilance in an industry that could be brought to its knees by a cyber event originating in Asia and spreading to Europe, America and the rest of the world. 

The report is the second publication from the Cyber Risk Management project, the Singapore-based public-private initiative that assesses cyber risks, of which Lloyd’s is one of the founding members. Shen Attack estimates that losses of up to $110 billion would occur in an extreme scenario in which a computer virus infects 15 ports. Transportation, aviation and aerospace sectors would be the most affected ($28.2 billion total economic losses), followed by manufacturing ($23.6 billion) and retail ($18.5 billion).  

Offshore Energy:       Splash247:        Hellenic Shipping News:      Digital Ship:     HSToday

You Might Also Read: 

New Guidelines For Maritime  Cyber Security:

 

« Managing Your Cyber Security, Detection & Response
Your Phone Is Spying On You »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Chatham House Cyber Conference

Chatham House Cyber Conference

14 June 2023 - Connect with cyber security experts and senior policymakers to explore the role of cyber security in the global economy and how to deliver an open and secure internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

World Privacy Forum (WPF)

World Privacy Forum (WPF)

The World Privacy Forum is a non-profit public interest research group that focuses on privacy and technology issues.

CENTRI Technology

CENTRI Technology

CENTRI provide a standards-based security platform for the Internet of Things.

Australian Cyber Security Centre (ACSC)

Australian Cyber Security Centre (ACSC)

The Australian Cyber Security Centre (ACSC) brings cyber security capabilities from across the Australian Government together into a single location.

AllClear ID

AllClear ID

AllClear ID provides products and services that help protect people and their personal information from threats related to identity theft.

CyberSift

CyberSift

CyberSift is a cyber security provider. We develop threat detection software which needs no infrastructure changes as it integrates with almost any security tool.

OSIRIS Lab - NYU Tandon

OSIRIS Lab - NYU Tandon

The Offensive Security, Incident Response & Internet Security Lab (OSIRIS) is a security research environment where students analyze and understand how attackers take advantage of real systems.

ThreatSpike Labs

ThreatSpike Labs

ThreatSpike Labs provides the first end-to-end fully managed security service for companies of all sizes.

TAC Security

TAC Security

TAC Security is a leading and trusted cyber security consulting partner that specializes in securing the IT infrastructure and assets of enterprises.

Softcat

Softcat

Softcat offer a broad portfolio of IT services and solutions covering Hybrid Infrastructure, Cyber Security, Digital Workspace and IT Intelligence.

AML Global Solutions (AMLGS)

AML Global Solutions (AMLGS)

AMLGS delivers Financial Crime prevention training programmes and consultancy services encompassing Anti-Money Laundering (AML), Counter Terrorism Financing (CTF), Bribery & Corruption and Fraud.

BATM Advanced Communications

BATM Advanced Communications

BATM Advanced Communications is a leading provider of real-time technologies for networking and cyber security solutions.

Lancera

Lancera

Lancera provides growth accelerating Software Development, Web Presence and Cybersecurity Solutions with a focus on customer happiness.

HackNotice

HackNotice

HackNotice Teams is an all-in-one encompassing tool that monitors threats within your organization, different vendors, and third parties whose services you use.

Vectra AI

Vectra AI

Vectra threat detection & response - see and stop threats across hybrid and multi-cloud enterprises.

Cyber Legion

Cyber Legion

Cyber Legion Ltd is a UK-based Cyber Security as a Service (CSaaS) start-up that provides IT security testing services to various organizations around the globe.

Sterling Information Technologies

Sterling Information Technologies

Sterling is an information security, operational risk consulting and advisory group. Our Advisory services help to safeguard information assets while supporting business operations.