How can, therefore, these threats affect industries and organizations, especially those in the maritime environment?
Cyber threat explained
The UK National Cyber Security Center describes cyber security as: "The protection of devices, services and networks - and the information on them - from theft or damage."
Accordingly, 'cyber-attack' is any malicious attempt to damage, disrupt or gain unauthorized access to computer systems, networks or devices, via cyber means, while 'cyber incident' is a breach of the security rules for a system or service - most commonly.
October marks the National Cybersecurity Awareness Month. Ensuring the cybersecurity of organization information systems, information technology, and operational technology requires constant vigilance and careful use.
Major cyber threats
- Phishing
The US Coast Guard presents phishing among the major cyber threats; the fraudulent attempt to obtain sensitive information; such as usernames, passwords and credit card details, for malicious reasons. Organizations are urged to improve resilience against phishing, whilst minimizing disruption to user productivity. Typical defenses against phishing are reliant on users' abilities to detect phishing emails.
- Ransomware
A ransomware usually revolves around obtaining money to restore the locked down data of the victim. In other words, it is a cryptographic code, which is written to lock down the files. It is just like any other computer code written by developers based on a simple cryptographic algorithm. Therefore, to write a complex ransomware code, authors and cyber-extortionists must have very good knowledge of computer language and code writing.
- Insider threat
This threat refers to any malicious threat to an organization originating from a person within the organization itself. This could manifest itself in fraud, theft of information, or damage to internal systems.
Individuals should make sure that they lock their workstations when they leave their desks and never share passwords with anyone,
the US Coast Guard informs
- Social Media deception
Cyber criminals use social media to engage in identity theft and attract individuals to download malicious code or even reveal their secure codes. Social media settings can determine who can access our information and secure them to the greatest extent possible!
Research says that from 2016 to 2017, there has been a 2,502% increase in the sale of ransomware on the dark web while cyber-criminal economy has hit global revenues of $1.5 trillion a year, the FBI has said. Profit; that’s the incentive behind cyber-crime!
Actions to be taken by shipping operators
- Stick to the industry guidelines on maritime cybersecurity practices and their implementation
- Use strong passwords and update them frequently
- Be aware of your systems and the way they interact with each other
- Implement risk assessment procedures properly
A messaging campaign to raise awareness
The global marine and offshore industry initiative, Be Cyber Aware at Sea aims to raise awareness, inform and educate owners, operators and on-board crews in order to ensure they are doing everything they can to mitigate this unknown threat at sea.
SAFETY4SEA supports the campaign which provides free resources such as downloadable posters, 'Phish & Ships' newsletter, a video blog each month with guest interviewees, 'Shark Bytes' and useful daily updates via all social media channels. The initiative received the 2018 SMART4SEA Training Award, sponsored by Navarino, for uniting industry stakeholders to raise awareness towards cyber security.
