UN Maritime Shipping Agency Forced Offline

Uploaded on 2020-10-21 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

The United Nations (UN) agency for international maritime shipping came under a cyber-attack early in October which took a number of services offline and there is speculation that the incident was a ransomware attack.

The International Maritime Organisation (IMO) is responsible for the regulation, safety and security of global shipping. It  has now revealedhat its website was “undergoing some technical issues.” It admitted a day later that these had actually been caused by malicious actors.

In an announcement, the IMO said its Global Integrated Shipping Information Systems (GISIS) database, document repository IMODOCS, and its Virtual Publications service had been affected by the attack but were now restored.  The organisation’s email and virtual meeting platforms were unaffected.

The IMO said restoration of the other unnamed services affected by the attack would take place “as soon as possible and as safe as possible....The interruption of web-based services was caused by a sophisticated cyber-attack against the organization’s IT systems that overcame robust security measures in place. IMO has ISO/IEC 27001:2013 certification for its information security management system. IMO was the first UN organisation to get this certification in 2015,” the IMO explained.

The IMO headquarters file servers are located in the UK, with extensive backup systems in Geneva. The backup and restore system is regularly tested. Following the attack, the secretariat shut down key systems to prevent further damage from the attack.

The  French maritime shipping giant CMA CGM had a similar outage after a breach at its Chinese offices which knocked out some servers and applications.

IMO:     Infosecurity Magazine:      MyTechDecsions:  

You Might Also Read:

Cyber Security Deadline For Mariners:

 

« Protecting The Security Of Australian Universities
IBM Restructures To Concentrate On The Cloud »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Pervade Software

Pervade Software

Pervade Software is a global provider of dedicated compliance tracking software with monitoring & reporting capabilities.

Optimal IdM

Optimal IdM

Optimal IdM is a leading global provider of identity management solutions and services.

Samsung Knox

Samsung Knox

Samsung Knox brings multi-layered defence-grade security to your business’s smartphones and tablets.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

Myra Security

Myra Security

Myra technology monitors, analyzes, and filters malicious internet traffic before virtual attacks can do any real harm.

Infosec (T)

Infosec (T)

Infosec (T) Limited is an independent Tanzania based consultancy specializing in IT governance, information security and IT audit.

Asset Guardian Solutions (AGSL)

Asset Guardian Solutions (AGSL)

Asset Guardian are dedicated to protecting the integrity of process control systems software that is used to control operations and production processes.

CYBER.ORG

CYBER.ORG

CYBER.ORG's goal is to empower educators as they prepare the next generation to succeed in the cyber workforce of tomorrow.

Cohesity

Cohesity

Cohesity radically simplifies the way businesses back up, manage, protect, and extract value from their data—in the data center, at the edge, and in the cloud.

White Cloud Security

White Cloud Security

White Cloud is a cloud-based Application Trust-Listing security service that prevents unauthorized programs from running on your computers.

Resolvo Systems

Resolvo Systems

Resolvo is provides comprehensive security assessment and testing services in Asia.

ImmuneBytes

ImmuneBytes

ImmuneBytes is a cutting-edge security startup that aims to provide a secure blockchain environment for a dependable and open Web3 ecosystem.

Hilltop Technologies

Hilltop Technologies

Hilltop Technologies is a cybersecurity company specialized in managed security services and consulting tailored for all sectors from higher education to publicly traded companies.

Sirar by STC

Sirar by STC

Sirar is an advanced technology and cybersecurity company established by STC, the MENA region’s ICT and digital services provider.

Karthik Consulting (KC)

Karthik Consulting (KC)

Karthik Consulting is a technology service provider specializing in IT services for the U.S. federal government.

Tulpa AI

Tulpa AI

Tulpa develops safe AI assistants (co-pilots) to support and enhance human performance in high-stakes, mission-critical decision-making environments.