In the April issue of its Phish & Ships newsletter providing insights and latest updates on maritime cyber security, Be Cyber Aware at Sea focuses among others on the latest cyber attack affecting the shipping industry at the Danish Svitzer, a Maersk subsidiary.
After the world’s largest container shipping line, Maersk, was hit by a massive cyber attack in June 2017, Svitzer revealed in March 2018 that it has also suffered a significant data breach. A problem which has seen upwards of 50,000 emails containing private personnel information, auto-forwarded to accounts outside the company.
Localised to the company’s Australian operations, Svitzer has confirmed that the hack, which began on 27 May last year, affected more than 400 employees before being discovered at the beginning of this month. The problem seemingly went unnoticed, as for almost 10 months, between 50,000 and 60,000 emails from three Australian employees of the salvage and towing group working in finance, payroll, and operations, were automatically forwarded to two accounts outside of Svitzer, containing staff personal information including tax file and superannuation numbers and the names of next of kin.
The breach was resolved within five hours of being discovered, after the mailboxes of the external inboxes became full and the auto-forwarded emails began bouncing back to the company. Quite whether they would ever have noticed otherwise is a subject of debate.
After an investigation, the company found that a rule had been set up on the three email accounts to forward the emails to the external accounts and another rule to delete the forwarded emails so the account holders couldn’t see the emails were being forwarded.
Obviously the Svitzer issue was on a much smaller and less damaging scale than the attack on Maersk last year, however it does highlight that even the mundane, shore-based, workaday aspects of shipping companies are under threat.
Data exfiltration has accounted for just over half of an estimated $2.3bn in cyber insurance claims over the past six years in the US market alone, according to risk modelling firm, Risk Management Solutions (RMS). The company has developed its first probabilistic risk model for cyber attacks, which splits cyber into five basic types of attack:
- data exfiltration;
- contagious malware;
- financial theft;
- cloud outage; and
- distributed denial of service (DDoS) attacks
Explore more herebelow:
