- Mark DuPont
USCG Warns of Cyber Attacks on Commercial Vessels
The U.S. Coast Guard has issued a Marine Safety Bulletin warning that commercial vessels are being targeted by email phishing and malware intrusion attacks.
Cyber adversaries are attempting to gain sensitive information including the content of an official Notice of Arrival (NOA) using email addresses that pose as an official Port State Control (PSC) authority such as “port @ pscgov.org.”
The Coast Guard has also received reports of malicious software designed to disrupt shipboard computer systems. Vessel masters have diligently reported suspicious activity to the Coast Guard National Response Center (NRC) enabling the Coast Guard and other federal agencies to counter cyber threats across the global maritime network.
The full US Coast Guard bulletin can be found by clicking here.
Protecting the Maritime Domain
As this recent alert from the U.S. Coast Guard indicates, the maritime industry is an attack surface that keeps growing daily through cruise ship passenger experiences, speed of shipping services, digital navigational connectivity, and electronic billing procedures to name but a few. All this and the Internet of Things has created a multitude of vulnerabilities, increasing access points and plentiful targets throughout our maritime world. All of which presents an appealing opportunity to our adversaries with great potential reward and critical impact on our port driven organizations individually, and our economy as a whole.
In alliance with our members and their mission to patrol, protect and preserve the Nation’s maritime domain, its infrastructure and its economic heartbeat vital to the United States, the NMLEA has identified RiskSense as a STAR Product.
With a unique background and capabilities developed through U.S. Department of Defense and National Security Agency funding, RiskSense has pioneered a higher-level capability called cyber risk management.
The RiskSense platform does not replace the cyber security tools and processes being used currently in an organization. Rather, the platform augments and extends cyber security capabilities by prioritizing risk, applying unique threat intelligence, and accelerating the remediation process; a real plus for small IT teams trying to deal with a growing attack surface. Especially in the maritime industry.
Now, through the RiskSense platform, maritime organizations from port authorities to shipping companies to cruise lines, can all become proactive, versus reactive. As IT personnel continue to get overwhelmed by the information flow, RiskSense can provide its leaders, supervisors and managers with a “single pane” view of their environment, and visually cue their organization’s “RiskScore,” having a better handle on what are priorities and criticalities. All without increasing their staff costs, but rather, saving costs.
To learn how RiskSense can impact your organization you can click here for an informational flyer, or contact the RiskSense team at firstname.lastname@example.org. You can also info the NMLEA staff for more information at email@example.com.