The US Coast Guard (USCG) has warned of renewed phishing and malware attacks targeting shipping.
In a safety bulletin issued on May 24, the USCG warned of “cyber adversaries” taking aim at commercial vessels.
Hackers are attempting to gain sensitive information including the content of an official Notice of Arrival (NOA) using email addresses that pose as an official Port State Control (PSC) authority such as: port @ pscgov.org.
Additionally, the Coast Guard has received reports of malicious software designed to disrupt shipboard computer systems.
The Coast Guard has urged maritime stakeholders to verify the validity of the email sender prior to responding to unsolicited email messages. If there is uncertainty regarding the legitimacy of the email request, vessel representatives should try contacting the PSC authority directly by using verified contact information. Additionally, the USCG said vessel owners and operators should continue to evaluate their cyber defence measures.
Good INFO… would be beneficial if you could provide an example of the email with pointers as to how to detect that it is a PHISHING attack, i.e. mis-spelled words, odd sender email address, etc. Sending an alert saves the day– teaching how to detect attacks empowers the targets for life!