Maritime Cyber - New Crook in Town
Lawrie Abercrombie FCIIS
Arcanum Cyber - Helping Businesses Operate Securely in Cyber Space - Principal Cyber Security Consultant
Over the last couple of years interest and concern in Maritime cyber security has risen exponentially. There have been several notable incidents, from the drug trafficking related breach at Antwerp port in 2013 through to what is probably the most high profile maritime attack, the NotPetya ransomware last year which cost Maersk $300 million to rectify.
However, very few cyber incidents specifically targeted maritime companies or ports with the intention of causing damage, stealing data or money. The Antwerp episode was a byproduct of the traffickers trying to smuggle their drugs into Europe and wasn't intended to do any financial or physical harm to the port and Maersk was just one of several hundred victims of NotPetya.
"Unlike other BEC groups, GOLD GALLEON does not target a wide range of businesses but appears to focus solely on global maritime shipping businesses and their customers."
But all that has changed and the bad guys are now actively going after companies in the maritime industry. A team from Secureworks, a subsidiary of Dell, has recently produced a detailed report about 'GOLD GALLEON' a Nigerian Cyber Crew's attacks on the Shipping Industry.
"researchers have observed GOLD GALLEON targeting firms in South Korea, Japan, Singapore, Philippines, Norway, U.S., Egypt, Saudi Arabia and Colombia."
In brief, the globally dispersed nature of shipping means that email is the most common form of communication between ships, owners and companies that provide ship management and port services, so GOLD GALLEON adapted business email compromise and business email spoofing to target the shipping industry. It's an excellent report and really worth reading.
Lawrie Abercrombie M.Inst.IISP is the Technical Director at Arcanum, a UK National Cyber Security Centre (NCSC) accredited Consultancy working with Businesses, Government and the Defence Industry. One of only a few Lead Security & Information Risk Advisors certified by the NCSC, Lawrie specialises in Risk Management for IT and OT projects and has been briefing on Maritime Cyber in the UK and internationally in both the Public and Private sectors for several years.
If you or your organisation would like to benefit from our expertise we would be delighted to hear from you. Call us on 01558 669140 or visit our website: https://arcanum-cyber.com/maritime