Subscribe to our Mailing Lists (It's free!)
Wednesday, August 17, 2022
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    maritime jobs

    Singapore, Pacific Carriers, Pacific International Lines partner to enhance attractiveness of maritime jobs

    seafarers charity

    The Seafarers’ Charity becomes member of Diversity in Maritime Charter programme

    ukrainian seafarers

    Survey highlights need to help Ukrainian seafarers travel internationally

    uk maritime strategy

    UK: New maritime security strategy to address physical and cyber threats

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    Aqaba Container Terminal

    Aqaba Container Terminal to achieve net zero by 2040

    indonesia shipping energy transition

    Indonesia can be at the centre of shipping’s energy transition, says new report

    port of corpus christi

    Port of Corpus Christi to launch solar farm

    reneweables for maritime

    German, French partners to produce renewable fuels for maritime

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    one digital rates

    ONE to enable automatic digital rate transfer

    uk maritime strategy

    UK: New maritime security strategy to address physical and cyber threats

    cyprus shipping

    Cyprus to accelerate digitalization for shipping

    hapag lloyd

    Hapag-Lloyd to track containers in real time

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    uk mca ships detentions

    Seven new foreign flagged ships detained in UK ports during July 2022

    indonesia coal exports ban

    Indonesia to impose more coal export bans

    black sea mou cic stcw

    Black Sea MoU announces PSC Concentrated Inspection Campaign on STCW

    amsa psc annual report 2021

    AMSA PSC Annual Report 2021

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    Aqaba Container Terminal

    Aqaba Container Terminal to achieve net zero by 2040

    port of corpus christi

    Port of Corpus Christi to launch solar farm

    Baltic Exchange

    Baltic Exchange: Maritime market highlights 06 August-12 August

    eu sanctions

    EU sanctions: Clarification on carriage of certain Russian cargoes

  • Columns
    EPS

    EPS: Decarbonization and crew welfare as top priorities

    undewater noise

    Port of Vancouver: Slowing ships down supports healthier ecosystems

    human sustainability

    Wilhelmsen: Competence is vital for industry’s sustainability

    Trending Tags

    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    maritime jobs

    Singapore, Pacific Carriers, Pacific International Lines partner to enhance attractiveness of maritime jobs

    seafarers charity

    The Seafarers’ Charity becomes member of Diversity in Maritime Charter programme

    ukrainian seafarers

    Survey highlights need to help Ukrainian seafarers travel internationally

    uk maritime strategy

    UK: New maritime security strategy to address physical and cyber threats

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    Aqaba Container Terminal

    Aqaba Container Terminal to achieve net zero by 2040

    indonesia shipping energy transition

    Indonesia can be at the centre of shipping’s energy transition, says new report

    port of corpus christi

    Port of Corpus Christi to launch solar farm

    reneweables for maritime

    German, French partners to produce renewable fuels for maritime

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    one digital rates

    ONE to enable automatic digital rate transfer

    uk maritime strategy

    UK: New maritime security strategy to address physical and cyber threats

    cyprus shipping

    Cyprus to accelerate digitalization for shipping

    hapag lloyd

    Hapag-Lloyd to track containers in real time

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    uk mca ships detentions

    Seven new foreign flagged ships detained in UK ports during July 2022

    indonesia coal exports ban

    Indonesia to impose more coal export bans

    black sea mou cic stcw

    Black Sea MoU announces PSC Concentrated Inspection Campaign on STCW

    amsa psc annual report 2021

    AMSA PSC Annual Report 2021

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    Aqaba Container Terminal

    Aqaba Container Terminal to achieve net zero by 2040

    port of corpus christi

    Port of Corpus Christi to launch solar farm

    Baltic Exchange

    Baltic Exchange: Maritime market highlights 06 August-12 August

    eu sanctions

    EU sanctions: Clarification on carriage of certain Russian cargoes

  • Columns
    EPS

    EPS: Decarbonization and crew welfare as top priorities

    undewater noise

    Port of Vancouver: Slowing ships down supports healthier ecosystems

    human sustainability

    Wilhelmsen: Competence is vital for industry’s sustainability

    Trending Tags

    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

Malicious emails against shipping companies in last week of December

by The Editorial Team
January 4, 2021
in Cyber Security
cyber security scheme

Credit: Shutterstock

FacebookTwitterEmailLinkedin

Dryad and cyber partners RedSkyAlliance monitor attempted attacks within the maritime sector. They examine how email is used to deceive the recipient and potentially expose the target organizations. The following update regards the last week of December.

As explained, even if attackers can only get 10% of people to open their malicious email attachments, they can send thousands out in a day using similar templates resulting in hundreds of victims per day.

In their collection of malicious emails up to 29 December, Dryad and RedSkyAlliance see malicious actors attempting to use vessel names to try to spoof companies in the maritime supply chain.

This week we observed a wide variety of maritime-related subject lines. Some of the new vessel names used this week include “MV Torrent” and “MV New Wind” – among others.

Specifically, analysts observed malicious subject line, “RE: Vessel: SEA HERMES / PO No.: 20-0193-1 – ME AUXILIARY BLOWER\r\n MOTOR” used this week. This email leverages a few techniques to get the targeted users to open the malicious attachments. The company which was targeted by this malicious email has been also seen in previous Maritime Reporting.

RelatedNews

University of Plymouth, BMT collaborate to improve cyber security in maritime

How to know if you have been hacked and what to do about it

See also: How to detect and avoid phishing emails

In May 2020, Fuji Trading, a world leader in marine supplies and engineering, was targeted by a malicious email referencing “fittings for a rescue boat repair.” This malicious email contained a document which attempted to exploit CVE-2017-11882, the commonly observed AV detection. The previously targeted employee was an International Technical Marine sales individual. This company is based in the Netherlands. That same employee is again being targeted, 7 months later, in another malicious email.

Another example of using past identifiers, this past week, a malicious email was sent from a “Senior Procurement Officer” from Wilhelmsen Ship Management. Red Sky Alliance observed attackers sending malicious emails using the same company’s name as an alias in the past (TR-20-307-006). The sender identifies himself as “Hsin Yung, Fong.”

The email consists of a conversation between the attacker and the victim user which eventually leads to a message to the same recipient containing a malicious file attachment.

Unlike many of the malicious emails seen in the past, this email uses a specific “Dear [Employee Name]” greeting.

The attachment titled “dec.-22-6940019-2020.doc” is a malicious MS Word document. As with many of the malicious Emotet documents seen in the past, this one displays a message to “enable content” and “editing” further enabling the malware to infect the system.

If opened, the targeted victim would activate the infamous Emotet malware on their system. This malware is an advance trojan with the ability to steal sensitive information and download other malware as part of a cyber-attack.

This malware is often spread via email through a malicious link or, as in this case, a malicious attachment. Often attackers are looking to steal sensitive data, yet this access to the network also provides an option to activate ransomware if they decided to make a quick profit.

 

Recommendations

The more convincing an email appears, the greater the chance employees will fall for a scam.  To address this residual risk, software-based protection should be treated as one constituent of a wider strategy that also encompasses the human-element as well as organizational workflows and procedures.

It is imperative to:

  • Train all levels of the marine supply chain to realize they are under constant cyber-attack.
  • Stress maintaining constant attention to real-world cyber consequences of careless cyber practices or general inattentiveness.
  • Provide practical guidance on how to look for a potential phishing attempt.
  • Use direct communication to verify emails and supply chain email communication.
  • Use Red Sky Alliance RedXray proactive support, our Vessel impersonation information and use the Maritime
  • Black Lists to proactively block cyber attacks from identified malicious actors.
Tags: cyber securityDryad Globalsm

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Aqaba Container Terminal

Aqaba Container Terminal to achieve net zero by 2040

August 17, 2022
indonesia shipping energy transition

Indonesia can be at the centre of shipping’s energy transition, says new report

August 17, 2022
MARITIME EVENTS

RISK4SEA Facts

Did you know that Manager Base matters for 2020? Norway-based managers with General Cargo had approximately 62% less on Detention Rate than the global average.

Learn more risk4sea.com

Explore

  • Safety
  • Green
  • Smart
  • Risk
  • Others
  • Events
  • Plus

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Contact

© 2021 SAFETY4SEA

No Result
View All Result
  • Safety
    • Alerts
    • Accidents
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Opinions
    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus

© 2021 SAFETY4SEA

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Disclaimer.