In light of the increased cyber incidents within shipping industry, US Coast Guard published a marine notice, urging shipping players to report any malicious cyber activity, in order to prevent and respond to such threats that could disrupt or jeopardize national security.
Following the situation, the Coast Guard continues to monitor the maritime impact from the ongoing Advanced Persistent Threat (APT) cyber incident in the United States.
Namely, this incident will require a sustained and dedicated effort to remediate. The UCG believes that the AP actor’s compromise of the SolarWinds Orion supply chain affected approximately 18,000 public and private sector customers and that the actor targeted a much smaller subset of that group with follow-on activity.
CISA continues efforts to identify and confirm initial access vectors and identify any changes to the APT’s tactics, techniques, and procedures (TTPs).
As USCG explained:
“Even if you do not own SolarWinds Orion, you may be impacted as your third-party networks, services, and vendors may use SolarWinds Orion. It is critical that the Coast Guard understands the potential risks of this APT actor on marine transportation system networks and supply chain connections”.
What is more, the circular notes that reporting malicious cyber activity enhances maritime domain awareness and allows authorities to be better postured to prevent and respond to cyber incidents that could disrupt commerce or jeopardize national security.
“As always, any potential threat to the cybersecurity of your vessel or facility should be taken seriously. Any Breach of Security or Suspicious Activity resulting from Cyber Security Incidents for MTSA-regulated vessels or facilities shall be reported to the National Response Center at 1-800-424- 8802.”