UN Maritime Shipping Agency Forced Offline

The United Nations (UN) agency for international maritime shipping came under a cyber-attack early in October which took a number of services offline and there is speculation that the incident was a ransomware attack.

The International Maritime Organisation (IMO) is responsible for the regulation, safety and security of global shipping. It  has now revealedhat its website was “undergoing some technical issues.” It admitted a day later that these had actually been caused by malicious actors.

In an announcement, the IMO said its Global Integrated Shipping Information Systems (GISIS) database, document repository IMODOCS, and its Virtual Publications service had been affected by the attack but were now restored.  The organisation’s email and virtual meeting platforms were unaffected.

The IMO said restoration of the other unnamed services affected by the attack would take place “as soon as possible and as safe as possible....The interruption of web-based services was caused by a sophisticated cyber-attack against the organization’s IT systems that overcame robust security measures in place. IMO has ISO/IEC 27001:2013 certification for its information security management system. IMO was the first UN organisation to get this certification in 2015,” the IMO explained.

The IMO headquarters file servers are located in the UK, with extensive backup systems in Geneva. The backup and restore system is regularly tested. Following the attack, the secretariat shut down key systems to prevent further damage from the attack.

The  French maritime shipping giant CMA CGM had a similar outage after a breach at its Chinese offices which knocked out some servers and applications.

IMO:     Infosecurity Magazine:      MyTechDecsions:  

You Might Also Read:

Cyber Security Deadline For Mariners:

 

« Protecting The Security Of Australian Universities
IBM Restructures To Concentrate On The Cloud »

Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

WEBINAR: How to fuel your DevSecOps in AWS

WEBINAR: How to fuel your DevSecOps in AWS

Thursday, May 20, 2021 - In this webinar, SANS and AWS Marketplace will discuss how to build a strategy that encompasses visibility and automation for the DevSecOps pipeline in AWS.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Preempt Security

Preempt Security

The Preempt Platform delivers adaptive threat prevention that continuously preempts threats based on identity, behavior and risk.

Secure-ly

Secure-ly

Securely Ltd. is an IT consulting and services firm specializing in PKI solutions and products.

CyberTech Network

CyberTech Network

CyberTECH is a global cybersecurity, Internet of Things (IoT) and Smart City network ecosystem and incubator operator.

Aptible

Aptible

Security Management and Compliance for Developers. Aptible helps teams pass information security audits and deploy audit-ready apps and databases.

BEAM Teknoloji

BEAM Teknoloji

BEAM Technology is an independent Software Quality and Security Testing Center in Turkey.

Aspisec

Aspisec

Aspisec is a cybersecurity company specialized in Firmware Security and Critical Infrastructure Protection.

u-blox

u-blox

u-blox deliver leading wireless technology to reliably and securely locate and connect people and devices.

ProWriters

ProWriters

As a leading cyber insurance company, ProWriters offers flexible Cyber Liability Insurance coverage designed to cover privacy, data, and network exposures.

Presidio

Presidio

Presidio is a leading North American IT solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions.

R3I Ventures - House of DeepTech

R3I Ventures - House of DeepTech

The House of DeepTech is an incubator for deeptech entrepreneurs that are transforming global industries. Areas of interest include cybersecurity.