It comes as no surprise that hackers do not make their victims aware of the fact that they have been hacked. What hackers do is that they penetrate our systems and infect them with a malware in order to take full control. However, there are some important signs that tell us that we might have been hacked.
The malware can remain hidden in the systems without us noticing, while the hacker can access our systems at any time in order to check if the malware planted was able to harass our devices. This is why we might not realize that a hacker is inside our system until it’s already too late.
In maritime, cyber-attacks on its operational technology (OT) systems have increased with the number of reported incidents set to reach record volumes by year end.
This happens because where OT networks are thought to be protected, they are often inadequate and based on industrial computerised system, operating in a permanent state of disconnection from the network or, alternatively, connected to port systems and the equipment manufacturer’s offices overseas via RF radio communication (wi-fi) or a cellular network (via SIM).
This gives the chance to hackers to access cranes, the storage systems, they can penetrate the core operational systems either through cellular connections, wi-fi, and USB sticks, and penetrate these systems directly.
How can seafarers know if they have been hacked
#1 Random browser pop-ups
If you receive constant, frequent, and random pop-ups while browsing different websites that generally don’t show them, it is almost certain that you have been hacked. Nowadays, many websites can bypass ad-blocker programs and show pop-ups. These kinds of websites cannot tell if you have been hacked or not. However, if unexpected pop-ups appear while browsing website that you regularly visit, it is a first sign that something is going wrong with your device.
#2 Auto-redirect to irrelevant websites
This is one of the most common ways that hackers “inform” you that you have been hacked. Usually, hackers are paid to redirect users to these unwanted websites. Once you open a URL, it will automatically redirect you to a different source without permissions. What happens is that when you enter some keywords in a search bar, the malware installed in your system will automatically redirect you to another website, regardless of what you’ve been searching before.
#3 Messages that you did not send
We have all witnessed incidents where random messages and links are sent to our inbox from a friend or a person on our contact list. The hacker is using the accounts to send out a message to all our friends with either a link that will instantly start the download of a malicious file or redirect them to a malicious site. This could be a standard message or just a URL.
Sometimes, the hackers are personalizing the messages in order to make them appear real and increase the likelihood of someone clicking the link out of curiosity. For example, if a person or a group is telling you to have accessed your account and messaged you about it, you should certainly not click any links that they send, as these are false claims of a further attempt to access personal information. This is a clear sign that our system or social media accounts have been hacked.
#4 Unexpectedly wrong passwords
If you try to log in to a platform or website and the access is denied even though you are 100% sure that you’ve entered the right credentials, it is crystal clear that your account has been compromised and someone has stolen your details and changed the passwords. What usually happens is that the hacker has previously redirected you to a look-a-like page in order for you to enter your account details, for example to change your password for “security reason”. After that you can be quite sure that the hacker now possesses your credentials and will try to take advantage of your account.
How to protect seafarers from cyber risks
In order to be safe and protect their ships as well from cyber attacks, seafarers require training regarding internet usage not only on the vessel devices but their private devices as well. Namely, training must take place on software and systems, with seafarers needing to be educated on how to deal with threats from email attacks.
Moreover, crew need to be trained on when to give access, when not to, and how to report these emails if they suspect them to be an attempted hack. In fact, seafarers need to be trained on how to deal with updates, how to deal with password policies, and how to deal in general with onboard IT technology.
This will give them the tools to understand the threats for ship operations because then they will to know what can happen if they open an email, if they give access to somebody who they maybe don’t know.
One way that can happen is for shore personnel to inform the crew via regular feedback after a phishing email campaign has been sent out. This allows the seafarers to understand their mistakes and improve their knowledge on what to look out for in an email. This feedback aims to be a constant reminder of the importance of IT security onboard.
The hope is that once seafarers have received increased training on these issues the amount of successful cyber-attacks experienced by the industry will decrease, and the industry will be able to drastically reduce cyber risk and improve operational business, and processes.
Do you have prove of OT attacks in the Maritime industry, or do you just copy the 900% from another website without any proof ?
Give me 5 examples please. I am really looking for examples, because I often get the question, but I can never find 1 maritime OT hack example. And the 900%, is that from 1 incident to 9, or from 50 to 450?
Further:
Why would a hacker who is inside someone’s system, starts showing popups in a web browser? The main goal of a hacker is to stay unnoticed until the big finel; a ransomware attack. Pop ups will reveal his presence and the money income is only minimal. Pop ups might be a sign of a virus infection, what is not the same as being attacked.
Why would a hacker redirect you to irrelevant websites? to enter credentials, so you can be hacked? But you are already hacked… Redirecting is a way of phishing, which is normally the stage before being hacked.