MARITIME CYBER SECURITY Archives - Page 35 of 40 - SHIP IP LTD

Maritime Cyber Security & Threats May 2020 Week Three

June 1, 2020 MARITIME CYBER SECURITY

Dryad Global’s cyber security partners, Red Sky Alliance, perform weekly queries of  backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Email subject line Motor Vessel (MV) or Motor Tanker (MT) keyword usage is a common lure to entice users in the maritime industry to open emails containing malicious attachments.

With our cyber security partner we are providing a weekly list of Motor Vessels where it is observed that the vessel is being impersonated, with associated malicious emails.

The identified emails attempted to deliver malware or phishing links to compromise the vessels and/or parent companies.  Users should be aware of the subject lines used and the email addresses that are attempting to deliver the messages.

Tactical Cyber Intelligence Reporting

In the above collection, we see malicious actors attempting to use vessel names to try to spoof companies in the maritime supply chain.  This week we observed a wide variety of maritime-related subject lines.    Some of the new vessel names used this week include “MT Pavino” and “MV GOLDEN PEARL” among others.

Analysts observed subject line “M/V Ocean Adventure – Fittings for Rescue Boat Repair” being used in a malicious email this week.  The malware contained in this email is one of the most common pieces of malware observed by analysts across all industries.

The email sender is listed as “li <beast3x@eliteomar.com>.” The sending email address does not appear to be registered to any legitimate company, and the domain (eliteomar[.]com) is listed on a defacement website indicating that the webhost was hacked by an Indonesian hacking team – “Indonesian Cyber Jawa”.  The email signature shows the sender’s name is “Kelvin Li” and lists two maritime companies – ATN Marine and Trading Co., LTD & ARC Marine Services Co.,LTD.  Notably, the mailing address listed in his signature is not registered to either company.  A more legitimate email li@atn.com.cn is listed in the signature as well so it is unclear why this user would be sending emails from the “beast3x@eliteomar.com” address.

The targeted recipient of this email is an International Technical Marine Sales agent for Fuji Trading (Marine) B.V. which is a “world leader in marine supply” located in The Netherlands.[1]  There is no clear connection between Fuji Trading (Marine) B.V. and ATN or ARC Marine.  Hans’ email does not appear to be listed publicly anywhere online.

The malware in this email is contained in a malicious .doc attachment titled “103 SWIFT 13-05-20.doc.” When opened, the victim would activate HEUR:Exploit.MSOffice.Generic malware.[2]  This malware exploits a MS Office memory corruption vulnerability (CVE-2017-11882), often downloading a malicious file disguised as an audio driver (%Application Data%audiodrvrdll.exe).[3]

Analysts observed another malicious email containing the subject line used last week, “Amended P.O 28602 / Hebei Ocean.”  The email was sent from “Hebei Ocean Shipping Agency Ltd.<agencqhd@hoscoagency.com>.

The sender email domain appears to be registered to the Hebei Ocean Shipping Agency domain “hoscoagency.com.  As there is no company website.  Analysts are unable to verify the legitimacy of the sending domain but have low confidence that the domain is in fact owned by the shipping agency.  The sending email address was associated with a separate malicious email posted on a spam-email website and does not appear to be a deliverable email address.[4]

The targets were not disclosed in this email making it difficult to conclude the attackers intentions, but the malicious file attachment:
“PURCHASE ORDER 28602.gz” contains HEUR:Backdoor.Win32.Androm.gen” malware.[5]  The file contains backdoor malware which makes registry and file changes to gain a foothold on the victim’s device.  Kaspersky claims that approximately 25% of this malware’s victims are in either Germany or Russia.

These analytical results illustrate how a recipient could be fooled into opening an infected email.   Doing so could cause the recipient to become an infected member of the maritime supply chain and thus possibly infect victim vessels, port facilities and/or shore companies in the marine, agricultural, and other industries with additional malware.

Source: https://dryadglobal.com/maritime-cyber-security-threats-may-wk3/

KR and Samsung in cyber security agreement

June 1, 2020 MARITIME CYBER SECURITY

Classification society Korean Register (KR) has signed an MoU with Samsung Heavy Industries (SHI) to conduct a joint study on “Ship Cyber Security Network Construction and Design Safety Evaluation” at the Marine Engineering Research Center of SHI.

Under the MoU, the two organisations have agreed to evaluate the construction and design safety of cyber security networks applicable to new ships. In addition, they will jointly study technologies that can respond to cyber threats faced by ships, by diagnosing ship cyber security vulnerabilities using the cyber security test beds built by SHI.

SHI is recognised for its technological prowess as a result of its cyber security certifications received from major shipping companies based on its proprietary smart ship solution, SVESSEL. It is expected that by combining KR’s classification capability and the smart ship technology of SHI, the resulting synergies will be extremely beneficial to the shipping industry moving forward.

Cyber security risk management will be significantly strengthened in 2021 when the IMO’s resolution “Cyber Risk Management in Safety Management System (MSC.428 (98))” comes into effect. In the lead up to this date, KR and SHI will work together to enhance and support the application and verification of ship cyber security rules.

“Through this partnership and joint research with Samsung Heavy Industries, we will strengthen our ship cybersecurity certification and our technical service capabilities. KR will also continue to increase its cybersecurity technology leadership in the global maritime market using world-class construction technology through our cooperation and close working with shipyards,” said Kim Dae-heon, head of KR’s Digital Technology Center.

Shim Yong-rae, head of the Shipbuilding and Marine Research Institute of SHI, added, “We expect to considerably increase the security capabilities of smart ships through our joint research with KR, which is renowned for its cybersecurity certification technology. In addition, we will continue to deliver ships with the very latest world-class cybersecurity capabilities for our customers.”

Demand for effective cyber security continues to grow. KR established a maritime cyber security management certification system in 2018 and provides certification services for companies and ships, as well as cyber security type approval services for ship networks and automated systems. The maritime cyber security management certification system encompasses the international security standards (ISO 27001 and IEC 62443), the maritime cyber security guidelines of the IMO and the shipping association BIMCO.

Source: https://shipinsight.com/articles/kr-and-samsung-in-cyber-security-agreement

DP World joins with TradeLens to digitise global supply chains

June 1, 2020 MARITIME CYBER SECURITY

DP World, a leading enabler of global trade, has completed the early stages of integration with TradeLens, a blockchain-based digital container logistics platform, jointly developed by A.P. Moller – Maersk  and IBM.

The collaboration between DP World and the TradeLens platform will help accelerate the digitisation of global supply chains. DP World aims to connect all its 82 marine and inland container terminals, as well as feeder companies and logistics divisions with TradeLens. In 2019 DP World’s terminals handled 71.2 million TEU (twenty-foot equivalent units) containers from around 70,000 vessels.

TradeLens brings together data from the entire global supply chain ecosystem including shippers, port operators and shipping lines. It also aims to modernise manual and paper-based documents, replacing them with blockchain enabled digital solutions.

For DP World the data from its integration with TradeLens will improve operational efficiency with earlier visibility of container flows across multiple carriers. Such visibility includes confirmation of the transport modality that follows the port stay for each container, which in heavy transhipment or rail ports enable better yard planning. It will also expand the capabilities of DP World’s digital platforms created to move online the management of logistics. The DF Alliance, SeaRates, LandRates and AirRates enable shippers to move cargo to and from anywhere at the click of a mouse, across DP World’s network and beyond.

Sultan Ahmed Bin Sulayem, Group Chairman and Chief Executive Office of DP World said:

“Our decision to team up with TradeLens is driven by our vision for intelligent logistics, reducing costs and creating value. DP World is working to deliver integrated supply chain solutions to cargo owners, backed by our global network of ports, terminals, economic zones and inland operations. By working with TradeLens we will accelerate the digitisation of global trade. Modernising the processes by which logistics operate is critical to building more robust and more efficient supply chains which will help economic development and generate more prosperity.”

TradeLens provides visibility across the entire supply chain, from booking to clearance to payments and is built on a wealth of input from the industry including direct integrations with more than 110 ports and terminals, 15+ customs authorities around the world and an increasing number of intermodal providers.

Vincent Clerc, CEO of Ocean and Logistics, A.P. Moller – Maersk, said:

“It is very encouraging to see the continued adoption of the TradeLens platform among global logistics players as it helps global supply chain customers expand and explore the benefits of digital documentation flows. In turn, the broadened geographic scope of the platform provides new opportunities for TradeLens ecosystem participants to innovate and develop digital offerings on the platform.”

Mike White, CEO GTD Solutions and Head of TradeLens, said:

“At its core the TradeLens business model is an open and neutral platform to spur collaboration and digitisation between all parties in the supply chain ecosystem. We are excited to welcome DP World and eagerly await the creation of new potential ways of working for shippers and consignees in global trade. With 4 of the 5 largest global port operators actively engaged with TradeLens, the coverage of the ecosystem continues to expand rapidly.”

DP World has already connected Cochin Port (India) with the TradeLens platform via API technology. Plans to collaborate with other DP World business units, including the feeder line Unifeeder, have also been initiated.

Source: https://seawanderer.org/dp-world-joins-with-tradelens-to-digitise-global-supply-chains

Maritime Cyber Security and ISM guidance FIT for Purpose

June 1, 2020 MARITIME CYBER SECURITY

The ISM Code, supported by the IMO Resolution MSC.428(98), requires ship owners and managers to assess cyber risk and implement relevant measures across all functions of their safety management system, which will be verified by DNVGL at the first Document of Compliance ISM office audit after 1 January 2021.

Important
CYBER SECURITY will be a focus area during the ISM office DOC audit in 2020, where the company auditor verifies the status of implementation. Observations and suggestions for improvement will be issued to support you for further preparation and implementation.

Checklist
Click here for the Cyber Security Protocol which has been developed to support the auditing process having the focus on measures and procedures for managing Cyber Security Risks as per the ISM Code, based on IMO Resolution MSC 428(98), mandating cyber risk to be managed through the ISM Code and the corresponding Safety Management Systems.

Implementation process
(1) Recommended steps to ensure IMO`s Cyber Security compliance:

Application of PDCA process:

 

(2) Make an inventory of systems and software:

IT: Information Technology (IT)

  • IT networks
  • E-mail
  • Administration, accounts, crew lists, …
  • Planned Maintenance
  • Management system
  • Spare part management and procurement
  • Electronic manuals & certificates
  • Permits to work
  • Charter party, notice of readiness, bill of lading

OT: Operation Technology

  • Propulsion, Thrusters & Steering
  • Watertight integrity & Fire Detection
  • Ballasting
  • Power generation & Auxiliary systems
  • Navigation & Communication (ECDIS, …)
  • Industrial systems if applicable (DP, Drilling, … )
  • Cargo systems

(3) Prepare a gap analysis based on the ISM-code requirements:

  • Objectives for cyber security management
  • Define a cyber security policy
  • Critical Equipment: Risk Assessment & Systems to be covered
  • Responsibilities and Authority
  • Resources and Personnel
  • Training and Awareness
  • Shipboard Operations
  • Emergency Response, including drills
  • Reports and Analysis of Non-Conformities, Incidents and Hazardous Occurrences
  • Cyber security maintenance on IT/OT systems and equipment
  • Documentation
  • Company Verification, Internal audits, Review and Evaluation

More information can be found on the DNVGL website.

 

Maritime Cyber Security – Size matters – small does not mean safe!!

May 20, 2020 MARITIME CYBER SECURITY

High-profile cyber-attacks on very large shipping companies such as Maersk, COSCO, MSC, Stenna and Svitzer to name but a few have raised awareness of the growing threat of cyber-crime in the shipowner/operator industry sector.  If it can happen to these shipping sector goliaths with the budgets they have to defend themselves, it can absolutely happen to you.

However, recent surveys conducted by the U.S. Small Business Administration suggest that many small business owners are still operating under a false sense of cyber security based on their company’s size.

When it comes to cyber-attacks, small does not mean safe. In fact, a cyber-attack could be even more detrimental to a small business than to a large corporation.

The National Cyber Security Alliance reports that 60 percent of small and mid-sized businesses go out of business within six months of an attack.

According to Cybersecurity Ventures, costs related to ransomware demands and damages are estimated to reach $20 billion per year by 2021, with the average breach cost to the SME business running at $500k.

Imagine receiving the call from your head of IT to advise that your defenses have failed and ‘they are in’ and have control of your IT and OT systems. Suddenly it’s happened to you, how you respond matters as time is your enemy. Are you prepared for this inevitability, where most are not?

Don’t leave it to chance. Don’t put off the decision to transfer this risk out of your company any longer, Shoreline can provide an affordable maritime cyber insurance solution. Why continue to run this invasive risk when you don’t have to.

Source: https://www.shoreline.bm/news/maritime-cyber-security-size-matters-small-does-not-mean-safe/

THE GUIDELINES ON CYBER SECURITY ONBOARD SHIPS UP FOR REVIEW

May 20, 2020 BIMCOMARITIME CYBER SECURITY

The Guidelines were written by a broad cross section of industry stakeholders and published in their third version in December 2018. Since the publishing of the guidelines the concepts for cyber risk management have continued to develop in several areas. For example the International Maritime Organisation has fine tuned their views on the topic, IACS has developed a set of recommendations for cyber resilience on newbuildings, and shipowners are gaining experience with regards to the cyber threat and the associated practical cyber risk management techniques. All these developments have taken place against the backdrop of rapidly developing information technology where the information transmission speed is growing exponentially and the complexity of networks and the possibilities for data sharing and data cross utilization seem endless.

It is with all this in mind that the cyber working group is casting off and commences the review of the 3rd version of The Guidelines on Cyber Security Onboard Ships.

The review will take place over the coming weeks and it is expected that a new version of the guidelines will be ready for release during the autumn 2020.

Source: https://www.bimco.org/news/security/20200513-the-guidelines-on-cyber-security-onboard-ships-up-for-review

US ports and infrastructure providers come together on cyber security

May 20, 2020 MARITIME CYBER SECURITYPOST STATE CONTROLUSCG

The board members for the ISAC include the Alabama State Port Authority, Greater Lafourche Port Commission (Port Fourchon), Jacksonville Port Authority (Jaxport), Port of New Orleans, Port of San Diego, Port Vancouver USA, and six other maritime critical infrastructure stakeholders.

David Cordell, cio for the Port of New Orleans, offers, “By correlating cybersecurity information across MTS critical stakeholders, the ISAC provides all of us with the early warning needed to protect our individual organizations from incidents. We see value from our participation in the MTS-ISAC that we could not obtain elsewhere.”

Christy Coffey, MTS-ISAC vp of operations, said: “Response to the MTS-ISAC has been phenomenal. Strong leadership from our board and executive team, early adopter sharing of suspicious and malicious activity targeting their organizations, and quality partnerships have led to an extraordinarily successful launch.”

The Department of Homeland Security recognises the Maritime Transportation System (MTS) as one of the seven critical subsectors within the Transportation System Sector. The American Association of Port Authorities believes the MTS is worthy of cybersecurity protection.

The MTS-ISAC serves as a centralised point of coordination between the private and public sector to share timely and actionable cyber threat information between trusted stakeholders. Information sharing and analysis efforts focus on threats to both information technology (IT) and operational technology (OT) systems that stakeholders can use to prevent and/or minimize potential cyber incidents.

The MTS-ISAC’s services assist MTS critical infrastructure stakeholders with understanding and addressing cyber risk areas that are outlined in the 2021 IMO requirements and the recently released US Coast Guard Navigation and Vessel Inspection Circular (NVIC) 01-20, “Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities”.

Source: https://www.seatrade-maritime.com/ports-logistics/us-ports-and-infrastructure-providers-come-together-cyber-security

New LNG carrier ‘cyber secure by design’

May 20, 2020 MARITIME CYBER SECURITY

France LNG Shipping is a joint venture of NYK Line and Geogas LNG, a subsidiary of France’s Geogas Group.

Elisa Larus has an overall length of 297 m, beam of 46.4 m, with a GTT Mark III Flex cargo containment system and a WinGD X-DF dual-fuel, slow-speed engine.

Built to Bureau Veritas (BV) class, Elisa Larus is the first LNG carrier to be awarded the French classification society’s cyber security notation. The BV cyber notations provide procedures and methodologies to address design and operational requirements for cyber security in compliance with IMO 2021 requirements and the new IACS recommendation 166.

“A cyber security notation from BV provides a pragmatic approach to cyber security – reflecting industry needs and cyber security best practice,” said Bureau Veritas Marine & Offshore director of advanced services Jean-Baptiste Gillet. “And with a newbuilding we are able to help ensure ‘cyber security by design’”, added Mr Gillet. BV cyber security notations are based on BV’s rule NR-659 and are the result of co-development with marine security experts.

Elisa Laurus is the first LNG carrier with BV's cyber security notation

Elisa Laurus is the first LNG carrier with BV’s cyber security notation

BV is seeing a rapid growth in the number of ships applying for its ‘Cyber Managed’ notation.

The notation was co-developed by BV and external marine security experts as part of joint technical working groups organised by BV. It ensures compliance with the main existing cyber security standards and will enable shipowners to meet the requirements of IMO’s guidance to administrations that maritime cyber security risk should be reflected in ship security practice under the ISM Code by 1 January 2021.

Shipowners in Greece have been pioneers in applying the notation and now it is gaining traction with other shipowners and across the entire maritime ecosystem, including ship managers, charterers, insurers, and offshore operators.

BV expects that more than 100 ships will be operating under the Cyber Managed notation in 2020.

Cyber Managed focuses on ensuring cyber security is managed on board as per industry best practice for change management and traceability of IS/IT systems on board, emergency procedures and basic security protection measures.

Cyber Managed is based on a security risk assessment developed from an initial mapping of onboard systems that results in a practical set of requirements. The initial risk analysis and mapping exercise can be performed either during the newbuilding phase or at any time during the lifecycle of the vessel. As such, the notation is applicable to both new and existing ships.

Source: https://www.rivieramm.com/news-content-hub/new-lng-carrier-lsquocyber-secure-by-designrsquo-59456

Navigate Rotterdam improved thanks to data sourced from sector players

May 20, 2020 MARITIME CYBER SECURITY

The digital application Navigate enables shippers and freight forwarders to choose the most efficient and sustainable transport options for their container shipments. By adding a new route engine and utilising data sourced directly from carriers and operators, the current version of Navigate is more efficient, more complete and – as a result – more reliable.

In 2017 the Port of Rotterdam Authority launched Navigate: a digital application that provides insight into connections to, from and via Rotterdam, as well as business activity in the port. Navigate Rotterdam offers a comprehensive overview of all deep sea and short sea connections via Rotterdam and links these to rail and inland shipping connections in the hinterland. In addition, Navigate’s ‘empty depot service’ shows users where empty containers can be collected and dropped off. The application also includes an online business directory that offers details on the wide range of companies in the port area.

Based on the selected point of departure and destination, the route planner presents a number of different door-to-door options. For each route, the application outlines possible maritime connections, as well as which rail, inland shipping or road haulage options are available for transporting the shipment to its destination. Users can apply filters to quickly pinpoint which solution best suits their needs. After this, they can use Navigate to get in touch with different service providers – at the click of a button – to request a price quote, for example.

It has become very simple to directly submit data to Navigate, enhancing the quality of the presented route options even further. The heart of Navigate is formed by a new intermodal route engine for all sea, rail and inland shipping connections. Navigate currently connects 3,186 terminals worldwide and is processing over 1,435,000 schedules daily.

The Port of Rotterdam Authority is working together with a range of parties in the sector to continuously improve the quality of its digital applications. These applications are in line with the Port Authority’s ambition to develop into the world’s smartest port, by taking advantage of the opportunities presented by new technologies. This will ultimately make operations in the port of Rotterdam swifter, safer, more efficient and more sustainable.

Source: https://seawanderer.org/navigate-rotterdam-improved-thanks-to-data-sourced-from-sector-players

Bureau Veritas Awards NYK JV’s New LNGC ‘Elisa Larus’ Cyber Security Notation

May 20, 2020 MARITIME CYBER SECURITY

Bureau Veritas (BV), a world leader in testing, inspection, and certification (TIC) services is classing the recently delivered ‘Elisa Larus’.

France LNG Shipping SAS (a French ship-owning company jointly owned by NYK and Geogas LNG*) has taken delivery of the LNG carrier ‘Elisa Larus’ from Hyundai Samho Heavy Industries in South Korea. The 174,000 cbm gas carrier is classed by Bureau Veritas.

The new vessel has been awarded a Bureau Veritas cyber security notation. The BV cyber notations provide procedures and methodologies to address design and operational requirements for cyber security in compliance with IMO 2021 requirements as well as the new IACS recommendation 166.

‘This is the first such award of a cyber notation for an LNG carrier’, commented Jean-Baptiste Gillet, Director Advanced Services, Bureau Veritas Marine & Offshore.

‘A cyber security notation from BV provides a pragmatic approach to cyber security – reflecting industry needs and cyber security best practice. And with a newbuilding we are able to help ensure “cyber security by design”.’ BV cyber security notations are based on BV’s rule NR 659 and the result of co-development with marine security experts.

Source: https://www.marineinsight.com/shipping-news/bureau-veritas-awards-nyk-jvs-new-lngc-elisa-larus-cyber-security-notation/

Newer Posts

Older Posts

News

Quick Menu

Company DETAILS

SHIP IP LTD
VAT:BG 202572176
Rakovski STR.145
Sofia,
Bulgaria
Phone ( +359) 24929284
E-mail: sales(at)shipip.com

ISO 9001:2015 CERTIFIED