Subscribe to our Mailing Lists (It's free!)
Tuesday, July 15, 2025
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    2024 IMO Bravery Awards honor tanker and tugboat crews for heroic acts

    Officer to receive IMO bravery award for saving 12 crew members

    Panama

    BMA: Sanctions imposed against Russia

    Work,Safety,Concept.,Wooden,Cube,Blocks,With,Icon,Of,Safety

    DNV: Key IMO safety developments

    seafarers

    Philippines DMW issues call to protect seafarers from warlike areas

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    friendship

    Exploring the human need for friendship: A lifeline at sea and on shore

    neck pain

    Neck pain: A growing health concern for maritime workers

    Book Review: Building leaders the MMMA way

    Book Review: Feel grounded and think positive in 10 simple steps

    time

    Stay SEAFiT: Time is non-renewable – invest it wisely

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    ammonia bunkering vessel

    Company orders ammonia bunkering vessel for use in Singapore

    WSC

    WSC proposes alignment of EU ETS with IMO Net Zero Framework

    IMO Council World Maritime Day

    IMO: World Maritime Day two-year theme to take policy to practice

    BIMCO FuelEU Maritime Regulation

    EU issues low-carbon hydrogen fuel standards

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    vr training

    Companies team up for virtual reality training to better prepare crew

    digital tools onboard

    Company signs for AI autonomous navigation system for PCTC fleet

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    floating data centres

    New partnership to develop floating data center on retrofitted vessel

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
    AMSA fine

    NorthStandard: Tips to avoid pollution fines in Turkey

    OCIMF

    OCIMF Annual Report 2025: SIRE 2.0 a welcome change for the industry

    USCG

    ABS PSC Report Q1 2025: 526 total vessels detained

    paris mou lists

    Paris MoU 2024 Performance lists

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
    China

    China lays out vision for smarter and greener shipping

    Sanctions Russia

    EU plans to impose new Russian oil price cap

    EU US

    US plans to hit EU and Mexico with 30% tariff starting August

    Dr. Rosalie Balkin

    Dr. Rosalie Balkin to receive IMO International Maritime Prize

  • Columns
    Career Paths: Syb ten Cate Hoedemaker, Maritime Battery Forum

    Career Paths: Syb ten Cate Hoedemaker, Maritime Battery Forum

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    NorthStandard: Data sharing to drive technology and improve crew wellbeing

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    Trending Tags

    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    2024 IMO Bravery Awards honor tanker and tugboat crews for heroic acts

    Officer to receive IMO bravery award for saving 12 crew members

    Panama

    BMA: Sanctions imposed against Russia

    Work,Safety,Concept.,Wooden,Cube,Blocks,With,Icon,Of,Safety

    DNV: Key IMO safety developments

    seafarers

    Philippines DMW issues call to protect seafarers from warlike areas

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    friendship

    Exploring the human need for friendship: A lifeline at sea and on shore

    neck pain

    Neck pain: A growing health concern for maritime workers

    Book Review: Building leaders the MMMA way

    Book Review: Feel grounded and think positive in 10 simple steps

    time

    Stay SEAFiT: Time is non-renewable – invest it wisely

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    ammonia bunkering vessel

    Company orders ammonia bunkering vessel for use in Singapore

    WSC

    WSC proposes alignment of EU ETS with IMO Net Zero Framework

    IMO Council World Maritime Day

    IMO: World Maritime Day two-year theme to take policy to practice

    BIMCO FuelEU Maritime Regulation

    EU issues low-carbon hydrogen fuel standards

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    vr training

    Companies team up for virtual reality training to better prepare crew

    digital tools onboard

    Company signs for AI autonomous navigation system for PCTC fleet

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    floating data centres

    New partnership to develop floating data center on retrofitted vessel

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
    AMSA fine

    NorthStandard: Tips to avoid pollution fines in Turkey

    OCIMF

    OCIMF Annual Report 2025: SIRE 2.0 a welcome change for the industry

    USCG

    ABS PSC Report Q1 2025: 526 total vessels detained

    paris mou lists

    Paris MoU 2024 Performance lists

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
    China

    China lays out vision for smarter and greener shipping

    Sanctions Russia

    EU plans to impose new Russian oil price cap

    EU US

    US plans to hit EU and Mexico with 30% tariff starting August

    Dr. Rosalie Balkin

    Dr. Rosalie Balkin to receive IMO International Maritime Prize

  • Columns
    Career Paths: Syb ten Cate Hoedemaker, Maritime Battery Forum

    Career Paths: Syb ten Cate Hoedemaker, Maritime Battery Forum

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    NorthStandard: Data sharing to drive technology and improve crew wellbeing

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    Trending Tags

    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

USCG: Cyber Trends and Insights in the Marine Environment 2022

by The Editorial Team
June 7, 2023
in Cyber Security
class nk mts-isac
FacebookTwitterEmailLinkedin

USCG released its annual Cyber Trends and Insights in the Marine Environment (ME) report. This report aims to provide relevant information about best practices to secure their critical systems based on USCG findings.

Since December 2020, Coast Guard Cyber Command (CGCYBER) has vastly grown its presence and increased its operational tempo to protect cyber systems underpinning the ME.

The observations and findings in this report provide Coast Guard units and their port partners with relevant information to identify and address cyber risks. Coast Guard Cyber Protection Teams (CPTs) and the Maritime Cyber Readiness Branch (MCRB) developed these findings through technical engagements throughout 2022 with ME partners.

RelatedNews

China lays out vision for smarter and greener shipping

DNV: Key IMO safety developments

Findings

(MTS) partners Fully or Partially Mitigated 93% of all findings within six-months of receiving a CPT Assess mission, an 11% increase from 2021. Other than a slight decrease in Partially Mitigated findings, which is believed to be a result of the increase in Fully Mitigated, all remediation efforts improved from 2021 to 2022. These metrics validate the conclusion that organizations in the ME can take quick and effective action to reduce their attack surface, particularly if they understand the business impacts associated with the risks.

USCG: Cyber Trends and Insights in the Marine Environment 2022
Credit: USCG

Phishing for Information

Phishing for Information is a sub-technique of the Phishing Technique. Phishing for Information is categorized as a reconnaissance technique by the MITRE Corporation rather than an initial access technique.

Valid Accounts

The most common initial access technique used during Assess missions was Valid Accounts. Valid Accounts were often gathered from publicly available sources or from using related techniques such as Phishing for Information, Adversary-in-the-Middle: LLMNR/NBT-NS Poisoning and SMB Relay, or Steal or Forge Kerberos Tickets: Kerberoasting. Coast Guard CPTs gained initial access to the target networks using gathered account information.

Adversary-in-the-Middle: LLMNR/NBT-NS Poisoning and SMB Relay

LLMNR/NBT-NS Poisoning and SMB Relay attacks leverage antiquated features used for host identification to harvest credentials from within a network.

Mitigation Recommendations

#1 Password Policies

A password policy is a set of rules and guidelines that dictate how users should create and manage their passwords for a given system or organization. Password policies are put in place to ensure the security and integrity of systems and the data they contain. Despite widespread frustration with the use of passwords from both a usability and security standpoint, they remain a very widely used form of authentication.

USCG: Cyber Trends and Insights in the Marine Environment 2022
Credit: USCG

#2 Multi-Factor Authentication

MFA is a security method in which a user is required to provide multiple forms of identification to access a system or account. MFA typically involves at least two of the following three authentication factors:

  • Something the user knows, such as a password or a PIN.
  • Something the user has, such as a security token or a smartphone.
  • Something the user is, such as a fingerprint or a facial recognition.
USCG: Cyber Trends and Insights in the Marine Environment 2022
Credit: USCG

#3 Filter Network Traffic

Filtering network traffic is an important aspect of network security and management, and provides
the following benefits:

  • Protects the network and authorized users from malicious traffic.
  • Improves network performance, security, and monitoring.
  • Provides the ability to enforce compliance requirements.

#4 Privileged Account Management

Privileged account management is a critical element of security and compliance. It helps protect sensitive data and resources, meet regulatory requirements, and improve efficiency by limiting unnecessary access and permissions. Privilege account management is the process of creating, managing, and monitoring privileged accounts in a computer system or network. A privileged account is an account that has more access and permissions than regular user accounts. Privileged accounts include administrator accounts, root accounts, and service accounts.

The main goal of privilege account management is to reduce the risk of security breaches and other malicious actions by controlling access to sensitive data and resources.

USCG: Cyber Trends and Insights in the Marine Environment 2022
Credit: USCG

#5 Update Software

  • Perform regular software updates to mitigate exploitation risk.
  • Ensure operating systems and browsers are using the most current version.
  • Update password managers regularly by employing patch management for internal enterprise endpoints and servers.
  • Keep system images and software updated and migrate to SNMPv3.
  • Update all browsers and plugins and use modern browsers with security features turned on.
  • Update software regularly by employing patch management for externally exposed applications and internal enterprise endpoints and servers.
  • Patch the Basic input/output System (BIOS) and other firmware as necessary to prevent successful use of known vulnerabilities.
  • Update software regularly to include patches that fix Dynamic Link Library (DLL) sideloading vulnerabilities.

#6 User Training

User training is a vital mitigation factor because it helps to educate users about the risks and threats. User training minimizes the likelihood of human error and enables compliance with regulatory requirements. By providing training on topics such as safe browsing, email security, and password management, users are better equipped to identify and mitigate potential security risks.

USCG: Cyber Trends and Insights in the Marine Environment 2022
Credit: USCG

#7 User Account Management
User account management is managing “the creation, use, and permissions associated to user accounts” from MITRE ATT&CK. User account management should follow the principle of least privilege and separation of duties.

USCG: Cyber Trends and Insights in the Marine Environment 2022
Credit: USCG

#8 Account Use Policies

Account Use Policies refers to configuring “features related to account use like login attempt lockouts, specific login times, etc.” from MITRE ATT&CK.

USCG: Cyber Trends and Insights in the Marine Environment 2022
Credit: USCG

EXPLORE MORE AT USCG’S CYBER TRENDS REPORT

USCG: Cyber Trends and Insights in the Marine Environment 2022USCG: Cyber Trends and Insights in the Marine Environment 2022
USCG: Cyber Trends and Insights in the Marine Environment 2022USCG: Cyber Trends and Insights in the Marine Environment 2022
Tags: cyber securitydigitalizationreportstrendsUSCG
Previous Post

How to break patterns that can result to bad habits

Next Post

AMSA bans second vessel in a week

SUGGESTED FOR YOU

bulk carrier
Shipping

Baltic Exchange: Maritime market highlights 7-11 July

July 14, 2025
singapore
Shipping

Singapore tops global maritime center ranking for 12th straight year

July 14, 2025
Dryad Global
Security

Dryad Global: Geopolitical tensions continue to shape maritime landscape

July 10, 2025
UNCTAD
Shipping

UNCTAD: Global trade endures policy changes and uncertainty

July 10, 2025
ReCAAP ISC
Security

ReCAAP ISC: Half Yearly Report 2025, Piracy and Armed Robbery Against Ships in Asia

July 10, 2025
newbuildings xclusiv shipbrokers
Shipping

Xclusiv Shipbrokers: Newbuilding momentum slows sharply in 2025

July 9, 2025

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Explore more

No Result
View All Result
MARITIME EVENTS

Explore

  • Safety
  • SEAFiT
  • Green
  • Smart
  • Risk
  • Others
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Content Marketing
  • Contact

© 2025 SAFETY4SEA

No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Opinions
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Tip of the day
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2025 SAFETY4SEA

Manage your privacy
We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show (non-) personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Manage options
{title} {title} {title}
No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Opinions
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Tip of the day
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2025 SAFETY4SEA