Seafarers play an important role onboard a vessel, and they can be vulnerable to cyber attacks. Hence, GTMaritime launched a phishing penetration test which companies can use to determine whether their crew is capable of dealing with a cyber attack.
Specifically, last autumn GTMaritime started offering a penetration testing service which included sending a selection of crafted spoof phishing messages to crew to test their alertness and response.
The test consisted of two parts. In the first part, the vessel operator that had chosen the test for its company sent 16 of its masters a spoof message, supposedly from a Port Authority, requesting basic identifying information about the vessel and its owner.
Half of the captains correctly identified the message as a phishing attempt and did not reply; the other half, however, provided the information asked for. Of the latter group, in no case was the message escalated to management for advice on how to proceed.
The 50-50 split concerned the company, bearing in mind that the message was written in poor English and came from a mysteriously unnamed port authority, both common features of a phishing attempt.
Consequently, the company proceeded to a second test to see whether it would get the same results.
The second message, again supposedly sent by a Port Authority, included a personalised subject line that mentioned the target vessel’s name and IMO number.
GTMaritime commented that:
There is mounting evidence of cyber criminals including references to familiar people or organisations, adding a veneer of authenticity that encourages the targeted recipient to lower their guard.
The message then asked for a host of sensitive particulars and security details which, if passed on to pirates, could jeopardise the safety of the vessel and crew.
Eight recipients detected that something was wrong and ignored the request. In addition, three more were suspicious and contacted the head office. The head office also knew nothing about the testing, but reacted correctly, advising vessels not to send any data and alerting the IT department.
Despite these positive results, five vessels that received the same phishing email obligingly followed the instructions in the message without properly considering either the safety or commercial ramifications of sensitive information falling into the wrong hands.
In conclusion, after the penetration test GTMaritime offered the vessel operator educational materials.