Maritime Data For Sale On the Dark Web

Uploaded on 2020-07-09 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Ransomware attackers who hacked leading Australian maritime logistics business Toll Group’s corporate server files in May 2020 have published stolen data on the Dark Web, the company has revealed. The hackers used Nefilim ransomware to steal sensistive dat  including Toll employee names, home addresses, age, birthdates, and payroll details including salary, superannuation, and tax file numbers.

While it's not illegal to visit the Dark Web, it provides access to illegal activities. Web sites that exist on the Dark Web are encrypted most commonly through the Tor encryption tool and most Dark Web users access those sites using the Tor browser.

The Dark Web allows users to remain anonymous through encryption. This is attractive to anyone involved in illegal activity, such as child pornography, sex trafficking, illicit drugs, or counterfeit goods. The hackers who scolded Toll did so easily because of  its lack of security measures. “Toll Group failed to secure their network even after the first attack (in January),” read the post, screen grabbed by Data Breach Today. “We have more than 200 GB of archives of their private data.”

Toll have refused ransom demands by the unknown hackers so far. 

The first attack, which took place in January and has since been attributed to a Russian criminal group, a Toll spokesperson has said there has been a second unrelated attack. The second security breach, which took place in May was in concert with a spate of attacks on other industries in Australia. Australia’s trade and diplomatic relationships with China have worsened over issues regarding the COVID-19 pandemic and as yet unattributed cyber attacks on Australian institutions and businesses. 

A recent joint cyber security survey by the international maritime  association BIMCO found the “attack surface” or human element to be a major factor in maritime shipping  industry breaches. 

The survey noted that training in the maritime industry was important to prevent seafarers and dockers opening emails containing malware or inserting infected USB sticks into company computers.

Maritime organisations would stop doing business with a third-party supplier due to a lack of cyber-security protections, according to an industry survey.

More than three-quarters (77%) of respondents to the 2020 Safety at Sea and BIMCO Maritime Cyber Security survey said they would cancel a contract with a third-party supplier over concerns with their cyber-security practices, or if it was found to be the cause of a cyber incident in the respondent’s own organisation. Furthermore, 26% admitted they had previously recommended not doing business with a third-party supplier due to concerns over poor cyber security practices. The survey found 68% reported phishing incidents where email attachments or web links led to breaches. Contractors or third parties were also a liability.

What is susceptible to attack at sea is navigation control and propulsion, automatic identification system (AIS), electronic chart display and information system (ECDIS), or radar. In ports, ships’ cargo handling or container tracking could be compromised.

The International Maritime Organisation has given ship-owners and managers until January 2021 to incorporate cyber risk management into their respective ship management systems.

Toll said it had further strengthened its systems and operations across its global network have resumed as normal.
While maritime companies are expanding their assessments into cyber security weaknesses across their supply chain, many of their measures remain firmly focused on reducing human error.

“Cyber-security training is seen by many as a first line of defence, especially against the most common types of cyber incidents,” said Jakob P. Larsen, Head of Security at BIMCO. “Eighty-eight percent of respondents indicated that their company offers some sort of cyber training, either internally provided (58%) or externally provided (30%).

 BIMCO:        Safety At Sea:      FindLaw:        Data Breach Today:


You Might Also Read: 

Maritime Cyber Attacks Quadruple:

 

« Journalist’s Phone Hacked Using An ‘Invisible’ Technique
Fake News Promotes Extremism »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Omerta

Omerta

Omerta is a global security technology and services company. We advise, consult, design, build, mitigate, protect, manage, provide and train to protect from increasing cyber threats.

Dionach

Dionach

Dionach are a certified information security specialists who provide Penetration Testing, IT Security Auditing and Information Security Consultancy.

GuardSight

GuardSight

GuardSight is a provider of specialized cybersecurity services to safeguard businesses, government, and remote workers against sophisticated cyber threats.

DataDog

DataDog

DataDog provides Cloud-native Security Monitoring. Real-time threat detection across your applications, network, and infrastructure.

Newtec Services

Newtec Services

IT should be responsive, adaptive, and smart. Now more than ever, you need a business that runs efficiently and can adapt to today's challenges. We can help with custom IT solutions.

Edureka

Edureka

Edureka is an online technology training provider with the most effective learning system in the world. We help professionals learn trending technologies for career growth.

NightDragon

NightDragon

NightDragon is a venture capital firm investing in innovative growth and late stage companies within the cybersecurity, safety, security, and privacy industry.

NASK SA

NASK SA

NASK SA is an integrator of telecommunications services. We provide advanced ICT security services, collocation and hosting, data centre services, and build corporate networks.

Appsian Security

Appsian Security

Appsian provides powerful solutions that help organizations take control of their business critical data and financial transactions.

FortiGuard Labs

FortiGuard Labs

FortiGuard Labs is the threat intelligence and research organization at Fortinet. Its mission is to provide Fortinet customers with the industry’s best threat intelligence.

HackersEra

HackersEra

HackersEra is a leading offensive cybersecurity service provider. We enable our clients to operate in a more secure environment efficiently and produce more value.

Tozny

Tozny

Tozny offers products with security and privacy in mind that are built on the foundation of end-to-end encryption, and open-source verifiable software.

Northdoor

Northdoor

Northdoor provides a comprehensive set of services around information security and works with leading global technology vendors to deploy and manage cyber security solutions.

DC Two

DC Two

DC Two are a locally operated and supported Australian data centre, offering a suite of vertically integrated services covering every part of the data centre and cloud technology stack.

Cakewalk

Cakewalk

Cakewalk is the new standard in easy Access Control. Trusted by IT & Security teams. Loved by employees.

TrustNet

TrustNet

TrustNet helps mid-to-large firms build trust through top-tier cybersecurity, compliance, and consulting—offering complete managed services all in one place.