Subscribe to our Mailing Lists (It's free!)
Thursday, March 30, 2023
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    New amendment to the FAL Convention aims to combat illicit activities

    New amendment to the FAL Convention aims to combat illicit activities

    Belize, Japan and Portugal join Cape Town Agreement

    Belize, Japan and Portugal join Cape Town Agreement

    MOL

    MOL, Rio Tinto sign agreement to improve crew welfare

    lessons learned

    Lessons learned: Head injury when crew member fell over in bathroom during heavy weather

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    competence

    The four stages of competence and how they apply in business

    Why sleep and mental health go hand-in-hand

    Why sleep and mental health go hand-in-hand

    Life coaching tips: How to maintain a good work-life balance

    Life coaching tips: How to maintain a good work-life balance

    Wabi sabi

    Wabi Sabi: Imperfection makes perfection at work

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    2023 GREEN4SEA Athens Forum: How industry navigates the complex legislative landscape towards decarbonization

    2023 GREEN4SEA Athens Forum: How industry navigates the complex legislative landscape towards decarbonization

    ABB provides Lisbon with its first all-electric boat

    ABB provides Lisbon with its first all-electric boat

    CARB approves stack exhaust capture and treatment system

    CARB approves stack exhaust capture and treatment system

    NGO Shipbreaking Platform.

    NGO Shipbreaking Platform urges companies to sell container ships for scrapping

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    SAFE introduces autonomous hydrographic survey vessel

    SAFE introduces autonomous hydrographic survey vessel

    KR and Microsoft Korea sign MoU to collaborate on digital transformation

    KR and Microsoft Korea sign MoU to collaborate on digital transformation

    BIMCO

    BIMCO calls for IMO to develop a specific strategy on digitalization

    Top tech trends to watch in maritime

    SHI creates smart AI chatbot able to advise its users

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
    Italian Coast Guard

    Italian Coast Guard detains rescue vessel Louise Michel

    Belize Port Authority detains grounded vessel for investigation

    Belize Port Authority detains grounded vessel for investigation

    australia sea mines

    AMSA imposes 90-day ban on Dutch vessel

    Singapore

    Eco Spark arrested in Singapore

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    BIMCO: Japan’s dry bulk imports fall 4% amid weak steel demand

    BIMCO: Japan’s dry bulk imports fall 4% amid weak steel demand

    Watch: FPSO ONE GUYANA enters drydock

    Watch: FPSO ONE GUYANA enters drydock

    Cruise tours resume in Shanghai after Covid-19 hiatus

    Cruise tours resume in Shanghai after Covid-19 hiatus

    general average

    Ever Given: The grounding that changed the world’s view of shipping

  • Columns
    technology

    The road to Alternative Fuels

    The end of the supply chain crisis and what we need to learn for the next one(s)

    The end of the supply chain crisis and what we need to learn for the next one(s)

    WSC: Minimising accidents is at the top of liner shipping’s agenda

    WSC: Minimising accidents is at the top of liner shipping’s agenda

    Trending Tags

    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    New amendment to the FAL Convention aims to combat illicit activities

    New amendment to the FAL Convention aims to combat illicit activities

    Belize, Japan and Portugal join Cape Town Agreement

    Belize, Japan and Portugal join Cape Town Agreement

    MOL

    MOL, Rio Tinto sign agreement to improve crew welfare

    lessons learned

    Lessons learned: Head injury when crew member fell over in bathroom during heavy weather

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    competence

    The four stages of competence and how they apply in business

    Why sleep and mental health go hand-in-hand

    Why sleep and mental health go hand-in-hand

    Life coaching tips: How to maintain a good work-life balance

    Life coaching tips: How to maintain a good work-life balance

    Wabi sabi

    Wabi Sabi: Imperfection makes perfection at work

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    2023 GREEN4SEA Athens Forum: How industry navigates the complex legislative landscape towards decarbonization

    2023 GREEN4SEA Athens Forum: How industry navigates the complex legislative landscape towards decarbonization

    ABB provides Lisbon with its first all-electric boat

    ABB provides Lisbon with its first all-electric boat

    CARB approves stack exhaust capture and treatment system

    CARB approves stack exhaust capture and treatment system

    NGO Shipbreaking Platform.

    NGO Shipbreaking Platform urges companies to sell container ships for scrapping

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    SAFE introduces autonomous hydrographic survey vessel

    SAFE introduces autonomous hydrographic survey vessel

    KR and Microsoft Korea sign MoU to collaborate on digital transformation

    KR and Microsoft Korea sign MoU to collaborate on digital transformation

    BIMCO

    BIMCO calls for IMO to develop a specific strategy on digitalization

    Top tech trends to watch in maritime

    SHI creates smart AI chatbot able to advise its users

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
    Italian Coast Guard

    Italian Coast Guard detains rescue vessel Louise Michel

    Belize Port Authority detains grounded vessel for investigation

    Belize Port Authority detains grounded vessel for investigation

    australia sea mines

    AMSA imposes 90-day ban on Dutch vessel

    Singapore

    Eco Spark arrested in Singapore

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    BIMCO: Japan’s dry bulk imports fall 4% amid weak steel demand

    BIMCO: Japan’s dry bulk imports fall 4% amid weak steel demand

    Watch: FPSO ONE GUYANA enters drydock

    Watch: FPSO ONE GUYANA enters drydock

    Cruise tours resume in Shanghai after Covid-19 hiatus

    Cruise tours resume in Shanghai after Covid-19 hiatus

    general average

    Ever Given: The grounding that changed the world’s view of shipping

  • Columns
    technology

    The road to Alternative Fuels

    The end of the supply chain crisis and what we need to learn for the next one(s)

    The end of the supply chain crisis and what we need to learn for the next one(s)

    WSC: Minimising accidents is at the top of liner shipping’s agenda

    WSC: Minimising accidents is at the top of liner shipping’s agenda

    Trending Tags

    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

Recent maritime cyber threats

by The Editorial Team
March 22, 2021
in Cyber Security
how to know you are hacked

Credit: Shutterstock

FacebookTwitterEmailLinkedin

Dryad and RedSkyAlliance monitor attempted attacks within the maritime sector. The partners examine how email is used to deceive the recipient and potentially expose the target organisations.

Fraudulent emails designed to make recipients hand over sensitive information, extort money or trigger malware installation on shore-based or vessel IT networks remains one of the biggest day-to-day cyber threats facing the maritime industry.

The identified emails attempted to deliver malware or phishing links to compromise the vessels and/or parent companies. Users should be aware of the subject lines used and the email addresses that are attempting to deliver the messages.

Those who work in the security industry can quickly identify the suspicious aspects of these emails, but the targets often cannot. Even if attackers can only get 10% of people to open their malicious email attachments, they can send thousands out in a day using similar templates resulting in hundreds of victims per day. They can also automate parts of this process for efficiency.

RelatedNews

ECSA welcomes the updated EU Maritime Security Strategy

MOL: World’s first company to receive AiP for vessel cyber resilience

It is critical to implement training for all employees to help identify malicious emails/attachments. This is still the major attack vector for attackers looking to attack a network. These analytical results illustrate how a recipient could be fooled into opening an infected email. They also demonstrate how common it is for attackers to specifically target pieces of a company’s supply chain to build up to cyber-attacks on the larger companies

Dryad Global notes.

Recently, the partners observed a wide variety of maritime-related subject lines. Some of the new vessel names used this week include “MV Soho Trader” among others. Red Sky Alliance has been monitoring a continuous campaign in which threat actors are impersonating the Mediterranean Shipping Company (MSC) while spreading Dridex malware through malicious email attachments. The attackers are re-using TTP’s to target numerous different targets around the globe in a variety of industries.

Beginning at the end of January, analysts began observing these malicious emails and since then have continued to see the same tactics used multiple times. While it appears, the attackers are spoofing MSC employees at this time, analysts are also monitoring for any malicious emails which appear to be sent by an MSC account which has been taken over

The most recent emails follow the exact same patterns analysts have observed since January. These attackers will impersonate MSC employees which do not exist, according to open-source data. They continue to use dozens of unique aliases but not one of the sending emails is seen in open source; indicating that the attackers are using alias names. However, they appear to be using the proper sending email format ([email protected][.]com) which shows they have done some measure of reconnaissance on the company.

Commonalities between these emails remain the same:

  • All senders impersonate employees or departments at Mediterranean Shipping Company.
  • The emails are disguised as invoices or payment notifications (many of them “overdue” to create a sense of urgency in the target).
  • The subject lines have a date at the end (mm/dd/yyyy)
  • All messages contain a malicious .xlsm file attachment.
  • There are two message bodies used, one just says “redacted” and the other is a description of account charges.
  • The attachment contains Dridex

The malicious email attachment titled “Statement_as_of_(DD_MMM_YYY).xlsm” is also an updated version of the file reported in last week’s maritime report (WR-21-032-006). Note the .xlsm file extension. This indicates that the spreadsheet will open in Excel with Macros enabled (used to activate the malware).

See also: Latest maritime cyber security and threats

See also: The latest maritime cyber security threats

Tags: cyber incidentscyber riskcyber securitysm

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

2023 GREEN4SEA Athens Forum: How industry navigates the complex legislative landscape towards decarbonization

2023 GREEN4SEA Athens Forum: How industry navigates the complex legislative landscape towards decarbonization

March 30, 2023
New amendment to the FAL Convention aims to combat illicit activities

New amendment to the FAL Convention aims to combat illicit activities

March 30, 2023

SEAFiT Poll

What is the biggest obstacle for the social life onboard?

Stay tuned for the results!

MARITIME EVENTS

Explore

  • Safety
  • Green
  • Smart
  • Risk
  • Others
  • Events
  • Plus

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Contact

RISK4SEA Facts

Did you know that age matters for 2020? 19% more on the Detention Rate for Bulk Carriers 16-20 yo vs. 2019 in Australia.

Learn more risk4sea.com

© 2021 SAFETY4SEA

No Result
View All Result
  • Safety
    • Alerts
    • Accidents
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Opinions
    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus

© 2021 SAFETY4SEA

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Disclaimer.