Subscribe to our Mailing Lists (It's free!)
Friday, July 4, 2025
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    AP Companies: How physical and mental well-being shape happier ships

    AP Companies: How physical and mental well-being shape happier ships

    bali indonesia

    Ferry sinks off Bali with multiple casualties

    Year in Review: How the Russian invasion of Ukraine affected shipping in 2022

    LR: New requirements for lifting appliances and anchor winches

    USCG warning: Cyber attack affects MTSA facility

    Two crew members accused over deadly tanker collision

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    neck pain

    Neck pain: A growing health concern for maritime workers

    Book Review: Building leaders the MMMA way

    Book Review: Feel grounded and think positive in 10 simple steps

    time

    Stay SEAFiT: Time is non-renewable – invest it wisely

    public speaking

    8 Key rules of Public Speaking

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    hull

    AkzoNobel: Quality antifouling coatings can help with CII and EEXI compliance

    nuclear power

    Nuclear shipping inches closer to reality: Latest developments

    nuclear energy ABS

    Consortium advances floating nuclear power for the Mediterranean

    CSA scrubbers

    CSA urges OSPAR to improve understanding before enacting scrubber ban

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    connectivity

    Innovating ocean safety: Intellian’s unified vision for connectivity and GMDSS

    autonomous navigation

    New deal aims to advance autonomous navigation technology

    abs training center

    ABS opens smart training center in Athens

    iaph cyber security

    IAPH releases cyber security guidelines for new port technologies

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
    OCIMF

    OCIMF Annual Report 2025: SIRE 2.0 a welcome change for the industry

    USCG

    ABS PSC Report Q1 2025: 526 total vessels detained

    paris mou lists

    Paris MoU 2024 Performance lists

    PSC

    AMSA Annual PSC Report: ISM-related deficiencies on the lead

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
    European Commission EU

    EU in discussions over maritime and port strategies

    underwater noise from ships

    AMSA: Reduction of underwater radiated noise from shipping

    nuclear energy ABS

    Consortium advances floating nuclear power for the Mediterranean

    Germany shadow fleet

    German Government increases vigilance in the Baltic Sea

  • Columns
    AMPI: Seafarers face critical risks in pilot transfer rigging

    AMPI: Seafarers face critical risks in pilot transfer rigging

    connectivity

    Innovating ocean safety: Intellian’s unified vision for connectivity and GMDSS

    human factor organizational safety

    Cracking the safety code: Why human factors matter

    Trending Tags

    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    AP Companies: How physical and mental well-being shape happier ships

    AP Companies: How physical and mental well-being shape happier ships

    bali indonesia

    Ferry sinks off Bali with multiple casualties

    Year in Review: How the Russian invasion of Ukraine affected shipping in 2022

    LR: New requirements for lifting appliances and anchor winches

    USCG warning: Cyber attack affects MTSA facility

    Two crew members accused over deadly tanker collision

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    neck pain

    Neck pain: A growing health concern for maritime workers

    Book Review: Building leaders the MMMA way

    Book Review: Feel grounded and think positive in 10 simple steps

    time

    Stay SEAFiT: Time is non-renewable – invest it wisely

    public speaking

    8 Key rules of Public Speaking

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    hull

    AkzoNobel: Quality antifouling coatings can help with CII and EEXI compliance

    nuclear power

    Nuclear shipping inches closer to reality: Latest developments

    nuclear energy ABS

    Consortium advances floating nuclear power for the Mediterranean

    CSA scrubbers

    CSA urges OSPAR to improve understanding before enacting scrubber ban

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    connectivity

    Innovating ocean safety: Intellian’s unified vision for connectivity and GMDSS

    autonomous navigation

    New deal aims to advance autonomous navigation technology

    abs training center

    ABS opens smart training center in Athens

    iaph cyber security

    IAPH releases cyber security guidelines for new port technologies

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
    OCIMF

    OCIMF Annual Report 2025: SIRE 2.0 a welcome change for the industry

    USCG

    ABS PSC Report Q1 2025: 526 total vessels detained

    paris mou lists

    Paris MoU 2024 Performance lists

    PSC

    AMSA Annual PSC Report: ISM-related deficiencies on the lead

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
    European Commission EU

    EU in discussions over maritime and port strategies

    underwater noise from ships

    AMSA: Reduction of underwater radiated noise from shipping

    nuclear energy ABS

    Consortium advances floating nuclear power for the Mediterranean

    Germany shadow fleet

    German Government increases vigilance in the Baltic Sea

  • Columns
    AMPI: Seafarers face critical risks in pilot transfer rigging

    AMPI: Seafarers face critical risks in pilot transfer rigging

    connectivity

    Innovating ocean safety: Intellian’s unified vision for connectivity and GMDSS

    human factor organizational safety

    Cracking the safety code: Why human factors matter

    Trending Tags

    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

USCG warning: Cyber attack affects MTSA facility

by The Editorial Team
December 24, 2019
in Cyber Security
phishing

Credit: Shutterstock

FacebookTwitterEmailLinkedin

The US Coast Guard issued a bulletin to inform the maritime community of a recent incident involving a ransomware intrusion at a Maritime Transportation Security Act (MTSA)-regulated facility. Research is currently ongoing, but the virus, identified as “Ryuk” ransomware, may have entered the network of the MTSA facility via an email phishing campaign.

Once the embedded malicious link in the email was clicked by an employee, the ransomware allowed for a threat actor to access significant enterprise Information Technology (IT) network files, and encrypt them, preventing the facility’s access to critical files,

…the USCG explained.

The virus further burrowed into the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations.

The impacts to the facility included a disruption of the entire corporate IT network (beyond the footprint of the facility), disruption of camera and physical access control systems, and loss of critical process control monitoring systems.

RelatedNews

LR: New requirements for lifting appliances and anchor winches

Watch: Key equipment that can aid in MOB recovery

These combined effects required the company to shut down the primary operations of the facility for over 30 hours while a cyber-incident response was conducted.

At a minimum, the following measures may have prevented or limited the breach and decreased the time for recovery:

  • Intrusion Detection and Intrusion Prevention Systems to monitor real-time network traffic
  • Industry standard and up to date virus detection software
  • Centralized and monitored host and server logging
  • Network segmentation to prevent IT systems from accessing the Operational Technology (OT) environment
  • Up-to-date IT/OT network diagrams
  • Consistent backups of all critical files and software

 

About Ryuk

Ryuk was first seen in August 2018 and has been responsible for multiple attacks globally. Ryuk is a targeted ransomware where demands are set according to the victim’s perceived ability to pay.

The Ryuk ransomware is often not observed until a period of time after the initial infection – ranging from days to months – which allows the actor time to carry out reconnaissance inside an infected network, identifying and targeting critical network systems and therefore maximising the impact of the attack. 1 But it may also offer the potential to mitigate against a ransomware attack before it occurs, if the initial infection is detected and remedied.

Ryuk is a persistent infection. The malware’s installer will attempt to stop certain antimalware software and install the appropriate version of Ryuk depending on a system’s architecture.

The Ryuk ransomware itself does not contain the ability to move laterally within a network, hence the reliance on access via a primary infection, but it does however have the ability to enumerate network shares and encrypt those it can access.

This, coupled with the ransomware’s use of anti-forensic recovery techniques (such as manipulating the virtual shadow copy), is a technique to make recovering from backups difficult.

All non-executable files across the system will be encrypted and will be renamed with the .ryk file extension. A ransom note will be dropped in each processed folder with the name RyukReadMe (.html or .txt).

 

Recommendations

As a result from the incident, the USCG recommends:

  • Facilities to utilize the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and NIST Special Publication 800-82 when implementing a Cyber Risk Management Program.
  • Maritime stakeholders to verify the validity of the email sender prior to responding to or opening any unsolicited email messages.
  • Facility owners and operators continue to evaluate their cyber security defense measures to reduce the effect of a cyber-attack.

As a reminder, suspicious activity and breaches of security, including breaches of telecommunications equipment, including computer, system and network security measures which support functions described in the facility security plan or could contribute to a Transportation Security Incident (TSI), must be reported to the National Response Center (NRC) at (800) 424-8802.

For additional guidance on the defining and reporting of cyber incidents refer to CG-5P Policy Letter 08-16, “Reporting Suspicious Activity and Breaches of Security.”

The Coast Guard encourages companies and their facilities to remain vigilant in the identification and prompt reporting of suspicious cyber-related activities. Questions pertaining to this bulletin may be directed to the Coast Guard Office of Port & Facility Compliance’s Domestic Ports Division (CG-FAC1) at (202) 372-1109.

 

Cyber threat has been identified as a key area of concern for shipping in the last years, especially on the aftermath of the NotPetya attack breaching the systems of Danish shipping giant Maersk in June 2017. 

 

Find out more risk mitigation measures in the following Advisory by UK National Cyber Security Center:

USCG warning: Cyber attack affects MTSA facility

USCG warning: Cyber attack affects MTSA facilityUSCG warning: Cyber attack affects MTSA facility
USCG warning: Cyber attack affects MTSA facilityUSCG warning: Cyber attack affects MTSA facility
Tags: best practicescyber securitysmUSCG
Previous Post

Svitzer takes 100% ownership of Port Towage Amsterdam

Next Post

Equinor gets drilling permit for its North Sea well

Related News

speaking up culture
Maritime Knowledge

Addressing crew shortage: Zero tolerance and clear consequences for unacceptable behaviour

June 30, 2025
IMPA: 85% of non-compliance not reported to port State authorities
Safety

IMPA: 85% of non-compliance not reported to port State authorities

June 30, 2025
Persian Gulf
Loss Prevention

West P&I Club: Navigating the Persian Gulf in 2025

June 27, 2025
harassment-free ships
Seafarers

Industry Voices: Navigating toward safer, harassment-free ships

June 25, 2025
middle east
Alerts

Key measures for vessels calling at ports in conflict zones

June 24, 2025
RMI
Security

RMI: Vessels linked to the US or Israel must operate at Security Level 3

June 24, 2025

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Explore more

No Result
View All Result
MARITIME EVENTS

Explore

  • Safety
  • SEAFiT
  • Green
  • Smart
  • Risk
  • Others
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Content Marketing
  • Contact

© 2025 SAFETY4SEA

No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Opinions
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Tip of the day
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2025 SAFETY4SEA

Manage your privacy
We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show (non-) personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Manage options
{title} {title} {title}
No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Opinions
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Tip of the day
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2025 SAFETY4SEA