Phishing Attacks against Commercial Vessels on the Rise, Alerts US Coast Guard
US coastal and maritime defense is at risk, warns the Coast Guard. An alert released on Monday cautions that hackers have actively been targeting the networks of commercial vessels with phishing attacks. This is not a one-time hit. In 2018, the FBI, DHS and US Coast Guard worked together on investigating a major ransomware attack on the shipping industry that started with the Port of San Diego.
The US Coast Guard issued the alert following a preliminary investigation of an attack in February “when Coast Guard investigators were called to examine reports of a cybersecurity incident aboard an international deep draft vessel bound for the Port of New York and New Jersey.” There was no major damage.
A similar alert had been issued in May when cybercriminals resorted to phishing to steal sensitive information about the ships and their itineraries. No details have been released regarding the malware infection, but the network was not used by staff for personal business. “The ship’s network was mainly used for official business, including updating electronic charts, managing cargo data and communicating with shore-side facilities, pilots, agents and the Coast Guard,” says the report.
“The team concluded that although the malware significantly degraded the functionality of the onboard computer system, essential vessel control systems had not been impacted,” according to the Coast Guard alert issued Monday. “Nevertheless, the interagency response found that the vessel was operating without effective cybersecurity measures in place, exposing critical vessel control systems to significant vulnerabilities.”
What is medical identity theft and how to protect against it
July 27, 2022
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021
June 22, 2022
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data
May 24, 2022