Subscribe to our Mailing Lists (It's free!)
Monday, October 2, 2023
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    Future Maritime Leaders

    Danish Shipping works with IMO for a safer, greener shipping

    UK MAIB Safety Digest 2023, 2nd Edition

    UK MAIB Safety Digest 2023, 2nd Edition

    londons insurance markets

    Gard: Risk mitigation measures for high risk areas

    Trauma-informed approach key to appropriate and effective casualty investigations

    Trauma-informed approach key to appropriate and effective casualty investigations

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    thinking out of the box

    Thinking out of the box: 5 tips for creative thinking

    Practicing gratitude can change your life

    Practicing gratitude can change your life

    Always do what your gut tells you: Keep it healthy

    Always do what your gut tells you: Keep it healthy

    Book Review: A role model for ship managers

    Book Review: How we perceive and deal with luck in life and business

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    LR, Cargill, Minerva Dry and NACKS team up on methanol bulk carrier

    LR, Cargill, Minerva Dry and NACKS team up on methanol bulk carrier

    Future Maritime Leaders

    Danish Shipping works with IMO for a safer, greener shipping

    Cepsa begins distributing biofuels at the Port of Barcelona

    Cepsa begins distributing biofuels at the Port of Barcelona

    X-Press Feeders orders six methanol dual-fuel containerships

    Tsunesihi Shipbuilding receives more orders for methanol-fueled vessels

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    IACS enhances requirements on cyber security

    IACS enhances requirements on cyber security

    New 3D printing joint venture for shipping industry

    New 3D printing joint venture for shipping industry

    Jotun Hellas pioneers vessel maintenance and safety with novel Aerial Drone Inspection Service

    Jotun Hellas pioneers vessel maintenance and safety with novel Aerial Drone Inspection Service

    OneCare Solutions releases groundbreaking mobile app with holistic approach to seafarer wellbeing

    OneCare Solutions releases groundbreaking mobile app with holistic approach to seafarer wellbeing

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
    indian seafarers prison

    Cruise captain jailed for 5 years in fatal Hungary boat accident

    canada shipwreck

    Ghana imposes strict PSC and fines over MARPOL violations

    ClassNK amends its rules on construction of steel ships

    Liberia: How to comply with PSC focus on firefighting and clean machinery spaces

    orange county oil spill fines

    Crude oil tanker to pay 88 crores for damaging Haldia oil jetty

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    Cepsa begins distributing biofuels at the Port of Barcelona

    Cepsa begins distributing biofuels at the Port of Barcelona

    Panama Canal

    Panama Canal to allow 31 transits per day, starting November 1st

    Port of London welcomes world’s first green methanol container vessel

    Port of London welcomes world’s first green methanol container vessel

    nord stream

    Baltic Exchange: Maritime market highlights 25 – 29 September

  • Columns
    Safeguarding seafarer welfare in an era of decarbonisation

    Safeguarding seafarer welfare in an era of decarbonisation

    AD Ports, Karachi Port Trust sign MoU to develop terminal infrastructure

    Decarbonising UK freight: the UK coastal shipping opportunity

    Gard Club: Industry needs to mature and learn from incidents and human errors

    Gard Club: Industry needs to mature and learn from incidents and human errors

    Trending Tags

    • Book Review
    • Career Paths
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Wellness Corner
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    Future Maritime Leaders

    Danish Shipping works with IMO for a safer, greener shipping

    UK MAIB Safety Digest 2023, 2nd Edition

    UK MAIB Safety Digest 2023, 2nd Edition

    londons insurance markets

    Gard: Risk mitigation measures for high risk areas

    Trauma-informed approach key to appropriate and effective casualty investigations

    Trauma-informed approach key to appropriate and effective casualty investigations

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    thinking out of the box

    Thinking out of the box: 5 tips for creative thinking

    Practicing gratitude can change your life

    Practicing gratitude can change your life

    Always do what your gut tells you: Keep it healthy

    Always do what your gut tells you: Keep it healthy

    Book Review: A role model for ship managers

    Book Review: How we perceive and deal with luck in life and business

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    LR, Cargill, Minerva Dry and NACKS team up on methanol bulk carrier

    LR, Cargill, Minerva Dry and NACKS team up on methanol bulk carrier

    Future Maritime Leaders

    Danish Shipping works with IMO for a safer, greener shipping

    Cepsa begins distributing biofuels at the Port of Barcelona

    Cepsa begins distributing biofuels at the Port of Barcelona

    X-Press Feeders orders six methanol dual-fuel containerships

    Tsunesihi Shipbuilding receives more orders for methanol-fueled vessels

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    IACS enhances requirements on cyber security

    IACS enhances requirements on cyber security

    New 3D printing joint venture for shipping industry

    New 3D printing joint venture for shipping industry

    Jotun Hellas pioneers vessel maintenance and safety with novel Aerial Drone Inspection Service

    Jotun Hellas pioneers vessel maintenance and safety with novel Aerial Drone Inspection Service

    OneCare Solutions releases groundbreaking mobile app with holistic approach to seafarer wellbeing

    OneCare Solutions releases groundbreaking mobile app with holistic approach to seafarer wellbeing

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
    indian seafarers prison

    Cruise captain jailed for 5 years in fatal Hungary boat accident

    canada shipwreck

    Ghana imposes strict PSC and fines over MARPOL violations

    ClassNK amends its rules on construction of steel ships

    Liberia: How to comply with PSC focus on firefighting and clean machinery spaces

    orange county oil spill fines

    Crude oil tanker to pay 88 crores for damaging Haldia oil jetty

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    Cepsa begins distributing biofuels at the Port of Barcelona

    Cepsa begins distributing biofuels at the Port of Barcelona

    Panama Canal

    Panama Canal to allow 31 transits per day, starting November 1st

    Port of London welcomes world’s first green methanol container vessel

    Port of London welcomes world’s first green methanol container vessel

    nord stream

    Baltic Exchange: Maritime market highlights 25 – 29 September

  • Columns
    Safeguarding seafarer welfare in an era of decarbonisation

    Safeguarding seafarer welfare in an era of decarbonisation

    AD Ports, Karachi Port Trust sign MoU to develop terminal infrastructure

    Decarbonising UK freight: the UK coastal shipping opportunity

    Gard Club: Industry needs to mature and learn from incidents and human errors

    Gard Club: Industry needs to mature and learn from incidents and human errors

    Trending Tags

    • Book Review
    • Career Paths
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Wellness Corner
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

USCG warning: Cyber attack affects MTSA facility

by The Editorial Team
December 24, 2019
in Cyber Security
phishing

Credit: Shutterstock

FacebookTwitterEmailLinkedin

The US Coast Guard issued a bulletin to inform the maritime community of a recent incident involving a ransomware intrusion at a Maritime Transportation Security Act (MTSA)-regulated facility. Research is currently ongoing, but the virus, identified as “Ryuk” ransomware, may have entered the network of the MTSA facility via an email phishing campaign.

Once the embedded malicious link in the email was clicked by an employee, the ransomware allowed for a threat actor to access significant enterprise Information Technology (IT) network files, and encrypt them, preventing the facility’s access to critical files,

…the USCG explained.

The virus further burrowed into the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations.

The impacts to the facility included a disruption of the entire corporate IT network (beyond the footprint of the facility), disruption of camera and physical access control systems, and loss of critical process control monitoring systems.

RelatedNews

IACS enhances requirements on cyber security

Gard Club: Ballast water management regulations are tightening

These combined effects required the company to shut down the primary operations of the facility for over 30 hours while a cyber-incident response was conducted.

At a minimum, the following measures may have prevented or limited the breach and decreased the time for recovery:

  • Intrusion Detection and Intrusion Prevention Systems to monitor real-time network traffic
  • Industry standard and up to date virus detection software
  • Centralized and monitored host and server logging
  • Network segmentation to prevent IT systems from accessing the Operational Technology (OT) environment
  • Up-to-date IT/OT network diagrams
  • Consistent backups of all critical files and software

 

About Ryuk

Ryuk was first seen in August 2018 and has been responsible for multiple attacks globally. Ryuk is a targeted ransomware where demands are set according to the victim’s perceived ability to pay.

The Ryuk ransomware is often not observed until a period of time after the initial infection – ranging from days to months – which allows the actor time to carry out reconnaissance inside an infected network, identifying and targeting critical network systems and therefore maximising the impact of the attack. 1 But it may also offer the potential to mitigate against a ransomware attack before it occurs, if the initial infection is detected and remedied.

Ryuk is a persistent infection. The malware’s installer will attempt to stop certain antimalware software and install the appropriate version of Ryuk depending on a system’s architecture.

The Ryuk ransomware itself does not contain the ability to move laterally within a network, hence the reliance on access via a primary infection, but it does however have the ability to enumerate network shares and encrypt those it can access.

This, coupled with the ransomware’s use of anti-forensic recovery techniques (such as manipulating the virtual shadow copy), is a technique to make recovering from backups difficult.

All non-executable files across the system will be encrypted and will be renamed with the .ryk file extension. A ransom note will be dropped in each processed folder with the name RyukReadMe (.html or .txt).

 

Recommendations

As a result from the incident, the USCG recommends:

  • Facilities to utilize the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and NIST Special Publication 800-82 when implementing a Cyber Risk Management Program.
  • Maritime stakeholders to verify the validity of the email sender prior to responding to or opening any unsolicited email messages.
  • Facility owners and operators continue to evaluate their cyber security defense measures to reduce the effect of a cyber-attack.

As a reminder, suspicious activity and breaches of security, including breaches of telecommunications equipment, including computer, system and network security measures which support functions described in the facility security plan or could contribute to a Transportation Security Incident (TSI), must be reported to the National Response Center (NRC) at (800) 424-8802.

For additional guidance on the defining and reporting of cyber incidents refer to CG-5P Policy Letter 08-16, “Reporting Suspicious Activity and Breaches of Security.”

The Coast Guard encourages companies and their facilities to remain vigilant in the identification and prompt reporting of suspicious cyber-related activities. Questions pertaining to this bulletin may be directed to the Coast Guard Office of Port & Facility Compliance’s Domestic Ports Division (CG-FAC1) at (202) 372-1109.

 

Cyber threat has been identified as a key area of concern for shipping in the last years, especially on the aftermath of the NotPetya attack breaching the systems of Danish shipping giant Maersk in June 2017. 

 

Find out more risk mitigation measures in the following Advisory by UK National Cyber Security Center:

Tags: best practicescyber incidentscyber securitysmUSCG
Previous Post

Svitzer takes 100% ownership of Port Towage Amsterdam

Next Post

Equinor gets drilling permit for its North Sea well

Related News

captain jailed Shell
Shipping

Chief engineer sentenced to spend a year in prison

September 20, 2023
uscg cyber trends
Cyber Security

ABS Wavesight: Defending your cyber access points is vital

September 13, 2023
Marshall Islands: All vessels must carry a medicine chest onboard
Seafarers

Marshall Islands: All vessels must carry a medicine chest onboard

September 8, 2023
Proper attitude at sea is vital for a diverse shipboard team
Diversity in shipping

Proper attitude at sea is vital for a diverse shipboard team

September 7, 2023
Proper sampling of liquid cargoes is vital: Best practices
Loss Prevention

Proper sampling of liquid cargoes is vital: Best practices

September 7, 2023
Addressing drug and alcohol abuse onboard: Prevention is a key priority
Maritime Health

Addressing drug and alcohol abuse onboard: Prevention is a key priority

September 5, 2023

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Houston Ship Channel

Houston Pilots: Vessels must override their power limiter to avoid navigational risks

September 29, 2023
NATO phonetic alphabet

Do you know what NATO phonetic alphabet is?

November 24, 2020
MARITIME EVENTS

Explore

  • Safety
  • SEAFiT
  • Green
  • Smart
  • Risk
  • Others
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Content Marketing
  • Contact

© 2021 SAFETY4SEA

No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Opinions
    • Book Review
    • Career Paths
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Wellness Corner
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2021 SAFETY4SEA

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Disclaimer.