‘Be Cyber Aware at Sea’ campaign issues every month an informative newsletter, as part of its efforts to provide the shipping industry with the necessary services, to educate organisations on the cyber threat and help them manage and transfer their risk. This month’s issue of the campaign’s official newsletter ‘Phish & Ships’, sponsored by CSO Alliance Maritime, informs on robust cyber security, specifically in autonomous ships, and offers anti-ransomware tips.
It is noted that, among today’s fastest-growing cyber crime epidemics is “ransomware” – malicious software that encrypts your computer files, photos, music and documents and then demands payment in Bitcoin to recover access to the files. A big reason for the steep increase in ransomware attacks in recent years comes from the proliferation of point-and-click tools sold in the cyber crime underground network, making it simple for anyone to begin extorting others for money.
There are actual online tools which enable anyone to become a cyber pirate, kidnapping data for a ransom, so you need to be on your guard. Experts believe that protection is vital, but so too is awareness. After all, you can have the best security systems, but if you circumvent them yourself, then of course, you will be at the mercy of those who would seek to extort you.
Ransomware encrypts the files on a computer, essentially scrambling the contents of the file so that operator can’t access it without a decryption key, in exchange for which is demanded a ransom. Once the malware has infected one computer, it can spread to others in the network, making it impossible to carry out normal operations.
- Make sure you’re running a robust security solution which covers all your devices (PCs, Macs, smartphones, and tablets) and provides protection.
- Regularly backup your data. Store the backups offline, and test they work.
- Ensure the software on all your devices up to date.
- Be extra careful with email attachments, especially with ZIP files and Office documents (Word, Excel, and PowerPoint). Don’t open email attachments that are sent by someone you don’t know.
- Limit your use of internet browser plugins.
The campaign notes that, to stay safe online and keep data secure, it is important to create robust passwords. The best and strongest passwords should:
- Contain a lot of characters – use the maximum length available!
- Contain a mixture of upper and lower case letters, numbers and symbols. Make substitutions, such as $ for S.
- Not include keyboard patterns e.g. ‘Qwerty12345’.
- Not include something obvious or relevant to you, such as your name or first line of your address. Even better, choose a word not included in the dictionary at all. Consider using an acronym from a phrase.
- Be unique to each site you log into. Using the same password to access multiple accounts means hackers could access all your accounts with a single password.
The newsletter also includes thoughts of James Creasy, Cyber Unit Class Underwriter at Novae Group, on mitigating cyber threats coming from mobile devices. Mr Creasy notes that, to mitigate these risks and reduce vulnerabilities, every smart phone user should:
- Always restrict access with a passcode and use biometrics where possible.
- Automate device back up – remember that when pictures are saved to the cloud they are not secure, but at least they are backed up
- Always update applications and operating system when notified to do so.
- Always download apps from trusted app stores and do not jailbreak devices.
- Avoid suspicious emails and pop-up notifications requesting credentials.
You may click below to read the Newsletter for April: