Maritime Data For Sale On the Dark Web

Ransomware attackers who hacked leading Australian maritime logistics business Toll Group’s corporate server files in May 2020 have published stolen data on the Dark Web, the company has revealed. The hackers used Nefilim ransomware to steal sensistive dat  including Toll employee names, home addresses, age, birthdates, and payroll details including salary, superannuation, and tax file numbers.

While it's not illegal to visit the Dark Web, it provides access to illegal activities. Web sites that exist on the Dark Web are encrypted most commonly through the Tor encryption tool and most Dark Web users access those sites using the Tor browser.

The Dark Web allows users to remain anonymous through encryption. This is attractive to anyone involved in illegal activity, such as child pornography, sex trafficking, illicit drugs, or counterfeit goods. The hackers who scolded Toll did so easily because of  its lack of security measures. “Toll Group failed to secure their network even after the first attack (in January),” read the post, screen grabbed by Data Breach Today. “We have more than 200 GB of archives of their private data.”

Toll have refused ransom demands by the unknown hackers so far. 

The first attack, which took place in January and has since been attributed to a Russian criminal group, a Toll spokesperson has said there has been a second unrelated attack. The second security breach, which took place in May was in concert with a spate of attacks on other industries in Australia. Australia’s trade and diplomatic relationships with China have worsened over issues regarding the COVID-19 pandemic and as yet unattributed cyber attacks on Australian institutions and businesses. 

A recent joint cyber security survey by the international maritime  association BIMCO found the “attack surface” or human element to be a major factor in maritime shipping  industry breaches. 

The survey noted that training in the maritime industry was important to prevent seafarers and dockers opening emails containing malware or inserting infected USB sticks into company computers.

Maritime organisations would stop doing business with a third-party supplier due to a lack of cyber-security protections, according to an industry survey.

More than three-quarters (77%) of respondents to the 2020 Safety at Sea and BIMCO Maritime Cyber Security survey said they would cancel a contract with a third-party supplier over concerns with their cyber-security practices, or if it was found to be the cause of a cyber incident in the respondent’s own organisation. Furthermore, 26% admitted they had previously recommended not doing business with a third-party supplier due to concerns over poor cyber security practices. The survey found 68% reported phishing incidents where email attachments or web links led to breaches. Contractors or third parties were also a liability.

What is susceptible to attack at sea is navigation control and propulsion, automatic identification system (AIS), electronic chart display and information system (ECDIS), or radar. In ports, ships’ cargo handling or container tracking could be compromised.

The International Maritime Organisation has given ship-owners and managers until January 2021 to incorporate cyber risk management into their respective ship management systems.

Toll said it had further strengthened its systems and operations across its global network have resumed as normal.
While maritime companies are expanding their assessments into cyber security weaknesses across their supply chain, many of their measures remain firmly focused on reducing human error.

“Cyber-security training is seen by many as a first line of defence, especially against the most common types of cyber incidents,” said Jakob P. Larsen, Head of Security at BIMCO. “Eighty-eight percent of respondents indicated that their company offers some sort of cyber training, either internally provided (58%) or externally provided (30%).

 BIMCO:        Safety At Sea:      FindLaw:        Data Breach Today:


You Might Also Read: 

Maritime Cyber Attacks Quadruple:

 

« Journalist’s Phone Hacked Using An ‘Invisible’ Technique
Fake News Promotes Extremism »

Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

eBook: Practical Guide to Security in the AWS Cloud

eBook: Practical Guide to Security in the AWS Cloud

AWS Marketplace would like to present you with a digital copy of the new book, Practical Guide to Security in the AWS Cloud, by the SANS Institute.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

WEBINAR: How to fuel your DevSecOps in AWS

WEBINAR: How to fuel your DevSecOps in AWS

Thursday, May 20, 2021 - In this webinar, SANS and AWS Marketplace will discuss how to build a strategy that encompasses visibility and automation for the DevSecOps pipeline in AWS.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Metasploit

Metasploit

Metasploit penetration testing software helps find security issues, verify vulnerabilities and manage security assessments.

CionSystems

CionSystems

CionSystems provides identity, access and authentication solutions to improve security and streamline IT infrastructure management.

SAI Global

SAI Global

SAI Global provide products and services for enterprise risk management including Governance, Risk & Compliance and Digital Risk solutions.

haltDos

haltDos

HaltDos is an AI driven website protection service that secures websites against today's cyber threats.

Vigilant Software

Vigilant Software

Vigilant Software develops industry-leading tools for intelligent, simplified compliance, including ISO27001-risk management and EU GDPR.

Vijilan Security

Vijilan Security

Vijilan provides 24/7 SOC services to MSPs/VARs. Our Security Operations Center is global, and our services are exclusive to the Channel.

HancomWITH

HancomWITH

HancomWITH is a World-Leading Mobile and Digital Forensic Research Group. We provide a one-stop forensic service for law firms, audit, and eDiscovery corporations.

Arqit

Arqit

Arqit's mission is to use transformational quantum encryption technology to keep safe the data of our governments, enterprises and citizens.