Report: Maritime Cyberattacks Up by 400 Percent

File image

Published Jun 4, 2020 1:59 PM by The Maritime Executive

Cybersecurity consultancy Naval Dome has reported a 400 percent increase in attempted hacks since February 2020. The primary cause is an increase in malware, ransomware and phishing emails attempting to exploit the COVID-19 pandemic, but Naval Dome says that global travel restrictions, social distancing measures and the economic recession are beginning to cut into companies' self-defense capabilities.

In addition, since OEM technicians have a harder time traveling to service systems on board ships and rigs, they are increasingly making "remote" service calls that require the operator to bypass security protections - creating an opening for a cyberattack. 

 “Covid-19 social restrictions and border closures have forced OEMs, technicians, and vendors to connect standalone systems to the internet in order to service them,” Naval Dome CEO Itai Sela said. “As budgets are cut and in the absence of service engineers, we are seeing ship and offshore rig staff connecting their OT systems to shoreside networks, at the behest of OEMs, for brief periods of time to carry out diagnostics and upload software updates and patches themselves."

This means that their IT and OT systems are no longer segregated, and individual endpoints, critical systems and components may be vulnerable, Naval Dome warned. Some of these are legacy systems which have no security update patches and are even more susceptible to cyber attack. “The increase in OEM personnel working remotely on home networks and personal PCs, which are not well protected, adds to the problem," said Sela. 

During the first three months of 2020, attacks targeting home workers increased tenfold. Security software company McAfee has reported that that between January and April, cloud-based cyberattacks on all businesses increase by 630 percent. 

“Our philosophy is that all systems must be protected using a risk ranking. If it is, then the entire platform is protected from both internal and external attack vectors. If only the network is protected, then whatever enters the net (such as an unintentional attack from authorized personnel) will infect all connected systems," said Sela. 

Ido Ben-Moshe, vice president of business development for Naval Dome, says that remote working and the introduction of remotely controlled, autonomous technologies is likely to take place at a faster pace in a post-coronavirus world. “This will see companies face new cyber security challenges if they fail to implement adequate protective measures,” he said.