Israeli maritime cyber security experts Naval Dome claim there has been a 400% spike in shipping-targeted hacks since February this year with the coronavirus pandemic leaving the sector very vulnerable.
“While an increase in malware, ransomware and phishing emails exploiting the Covid-19 crisis is the primary reason behind the spike, Naval Dome furthers that travel restrictions, social distancing measures and economic recession are beginning to bite into a company’s ability to sufficiently protect itself,” the company stated in a release yesterday.
Among high profile cyber attacks in recent months, Mediterranean Shipping Co (MSC) was struck over the Easter weekend while Australia’s Toll Group has suffered not one, but two hacking incidents this year.
Naval Dome CEO Itai Sela said: “Covid-19 social restrictions and border closures have forced OEMs, technicians, and vendors to connect standalone systems to the internet in order to service them.”
The global crisis and social distancing measures are preventing OEM technicians flying out to ships and rigs to upgrade and service critical OT systems, resulting in operators circumventing established security protocols, leaving them open to attack.
“As budgets are cut and in the absence of service engineers, we are seeing ship and offshore rig staff connecting their OT systems to shoreside networks, at the behest of OEMs, for brief periods of time to carry out diagnostics and upload software updates and patches themselves,” Sela said.
This means that their IT and OT systems are no longer segregated and individual endpoints, critical systems and components may be susceptible. Some of these are legacy systems which have no security update patches and are even more susceptible to cyber attack.
“The increase in OEM personnel working remotely on home networks and personal PCs, which are not well protected, adds to the problem,” Sela said.
Naval Dome data shows that during the first three months of 2020, attacks targeting home workers increased tenfold.
PC security software provider McAfee has reported that that between January and April cloud-based cyber-attacks on all businesses increased by 630%.
A recent note from maritime security consultants Dryad Global warned that cyber criminals are researching their targets and tailoring emails for staff in specific roles. Another tactic highlighted by Dryad Global is to spoof emails from the chief executive or other high-ranking maritime contemporaries in the hope staff lower down the supply chain will drop their awareness and follow the spoofed email obediently.
Consultants at PwC noted in a recent report: “It is evident that the pandemic has brought new challenges for shipping organisations. Uncertainty, unprecedented situations, and rapid IT and organisational changes have shifted the nature of cyber threats, making the need for consistency in both on- and off-shore implemented protective and detective measures a must.”
“Covid-19 is raising stress levels of shoreside teams and crew. This makes shipping more susceptible to cyber attacks, scams, misconfiguration and human error. Insider threats are now just as important as external threats to shipping fleets,” UK cyber security experts CyberOwl suggested in a recent blog post.
Consultant Lars Jensen, who has been looking at maritime cyber security since 2014, latterly with Copenhagen-based Improsec, took part in CyberOwl-hosted webinar last month.
“I came away with the clear impression that the industry is still largely debating the same issues as they have been for the past five years, but actual progress towards heightening security standards are moving slowly,” Jensen wrote in an update on LinkedIn.
Last month, Thomas Knudsen, group managing director at Toll, spoke out about the growing threat of hackers targeting shipping companies. Speaking in the wake of his company suffering its second cyber attack in the space of just three months, Knudsen said cyber crime posed “an existential threat for organisations of all sizes, making it more important than ever for business, regulators and government to adopt a united effort in combatting the very real risk it presents the wider community”.